We, as malware analysts, are always in need of new samples to analyze in order to learn, train or develop new techniques and defenses. One of the most common questions I get is “Where to find malware to analyze?” so I’m sharing here my private collection of repositories, databases and lists which I use onadaily… Read More

A new form of cryptominer has been discovered which crashes systems the moment antivirus products attempt to remove the malware. The malware, dubbed WinstarNssmMiner by 360 Total Security researchers, has been used in half a million attempted attacks leveraged at PCs in only three days. On Wednesday, the cybersecurity firm said the cryptomining malware aims… Read More

Most antivirus scanners play a classic cat and mouse game: They work by checking software against a frequently updated list of potential threats. In response, a whole industry has built up to help occlude and conceal hacking tools. That includes services that automate the process of checking all sorts of tools, from malware to malicious… Read More

Oh, snap! Just because some packages are available to install directly from the Ubuntu Software Center doesn’t make them safe. This is proved by a recent discovery of malware in some snap packages from the Ubuntu Snaps Store. At least two of the snap packages, 2048buntu and Hextris, uploaded to the Ubuntu Snaps Store by… Read More

The researchers found evidence that the threat has been around since at least late 2014.TreasureHunt was firstdiscoveredby researchers at theSANS Institute who noticed the malware generating mutex names to evade detection. TreasureHunt enumerates the processes running on the infected systemsand implement memory scraping functions to extractcredit and debit card information. Stolen payment card data are… Read More

Shamoon, Black Energy, Destover, ExPetr/Not Petya and Olympic Destroyer: All of these wiper malwares, and others like them, have a singular purpose of destroying systems and/or data, usually causing great financial and reputational damage to victim companies. However, the threat actors behind this kind of code, whether they’re bent on sending a political message or… Read More

It is now proven that Electrum Pro steals wallet seeds on creation. Meaning that any coins stored in a wallet created with this tool are accessible to anyone with access to electrum(dot)com. If you mistakenly used this wallet, you should move your coins to a secure wallet as soon as possible. The proof given is… Read More