Archive for the Malware Category

Netgear Vulnerability Exploit Demonstration Video

Once you see this vulnerability in action, it's easy to imagine how easily devices can be exploited. Simple vulnerability hacks and tactics such as this can be used in coordination with home routers, smart speakers, video surveillance equipment, and much more to create havoc. If someone does take control of your router, they can easily infect or target other IoT (Internet of Things) devices on the same network. - Eric Watkins, Sr. Malicious Detection Researcher

Looking forward to the DEF CON 25 Hacking Conference

Two large annual security conferences are taking place in Las Vegas this week and I will be attending the second one.

How to Use “Let’s Encrypt” to Protect Your IT Organization

Security TechTrends | zvelo Series, by Eric Watkins, Senior Malicious Detection Researcher at zvelo. In today’s world of malware and ransomware created to steal credentials and lock end users out of their machines, it’s important that we safeguard our credentials and data at rest (stored on our machines) and in transit (passing over the network). One of the best ways to secure data in transit is by ensuring that the services we use are configured to enable the strongest […]

Top Four Tips to Mitigate Ransomware Attacks Like Petya

by Eric Watkins, Senior Malicious Detection Researcher at zvelo. Ransomware and malware attacks are not going to go away anytime soon; rather, they are becoming increasingly common. Last month we wrote about the ransomware campaign WannaCry, and now we’ll discuss yesterday’s ransomware campaign, Petya, which exploits another one of the many vulnerabilities released as part of the NSA toolset. What is Petya? Petya is a ransomware campaign that has been updated to take […]

Full Path URL Categorization and Content Distribution Networks (CDNs)

By Eric Watkins, Senior Malicious Detection Researcher at zvelo. Earlier this month, I came across a use case that capitalizes on the value of full path content categorization. Before discussing this use case in detail, let’s go over the definition of a content distribution network (CDN) and also highlight a few key strengths of full path URL categorization. A content distribution network (CDN) is designed to optimize web usage by distributing the content from […]

Best Practices You Can Adopt to Help Protect Against Router Vulnerabilities

About two months ago, I posted a video blog showing how easy it is to obtain unauthenticated root access on a very popular Netgear router. This Netgear vulnerability received overwhelming news coverage and the urgent call went out across the Internet to patch all of their routers ASAP. Users scrambled to get new firmware for their hardware before hackers could potentially exploit the weakness to break into their devices. As a reaction to this negative […]

IoT, Botnets and DDOS: Avoid Becoming Part of the Problem

Recently, hackers successfully unleashed an absolutely massive Distributed Denial of Service (DDoS) attack that swiftly knocked some popular websites offline, including Twitter, Spotify, Amazon and even GitHub. DDoS attacks are of course nothing new, but the latest attack was unique, primarily because of its scale, but also because it was carried out with a botnet utilizing Internet of Things (IoT) connected devices, as opposed to […]

Bot Fraud: Malware bots vs. Ad-fraud bots

The size and magnitude of the malware and ad-fraud bot problem is immense and growing. And, as bots continue to proliferate, there are important distinctions to point out between malware bots and ad-fraud bots. At zvelo, we’re always looking for ways our data can detect and mitigate bad bots and equip the smart minds who are working on solutions to stay one step ahead of the bad guys. Let’s […]

Ad Fraud Q&A: Partner SpotX Talks Ad Fraud with zvelo

Partner SpotX holds a Q&A with zvelo Business Development Vice President, Cordell BaanHofman, on all things ad fraud related. SpotX recently sat down with Cordell BaanHofman, our VP of Business Development here at zvelo, to discuss the current state of fraud in the industry, including brand safety challenges and ways to combat them. They were curious about how zvelo combines artificial intelligence with human-supervised machine learning methodologies to deliver the most extensive content categorization, malicious site detection, botnet […]

How Hackers Got Away with over $80 Million from Bangladesh Bank

Demonstrating the need for increased security against malware and malicious websites, reports have emerged of a group of unknown hackers that broke into Bangladesh’s central bank. Once in, they obtained the credentials needed for payment transfers from the Federal Reserve Bank of New York and then transferred large sums to fraudulent accounts based in the Philippines and Sri Lanka. Ultimately four requests to transfer a total of about $81 million to the Philippines had already gone […]

And Now There’s MaaS: “Malware as a Service!”

The cyber arms race just got crazier. You’ve heard of SaaS…DaaS… now there’s MaaS – “Malware as a Service.” This means cybercrooks are figuring out tricks to make the life of anti-virus heroes much harder. The UK’s National Crime Agency recently announced the arrest of two people in England, a man and a woman, both 22 years old, on charges related to running a malware testing service. […]

IAB Report shows $8.2B a year being lost to online fraud and malware in the digital advertising industry.

A new report* released by the Interactive Advertising Bureau called “What Is An Untrustworthy Supply Chain Costing the Digital Advertising Industry” shows that $8.2 billion is being lost to online fraud, with the major problem areas being: malware – $1.1B, invalid traffic – $4.6B, and infringed content – $2.5B. According to IAB, fraudulent impressions, infringed content, and malvertising are […]

Obfuscated Mobile Malware Detection

I got my hands on a copy of a Northwestern University research paper titled “Evaluating Android Anti-malware against Transformation Attacks.” After digging into it, my zveloLABS colleagues and I decided to conduct an experiment of our own based on the information provided in the research paper.

IPv6 Malware Examples and Other Web Attacks

Malware authors are quickly exploiting the vulnerabilities of IPv6 as more and more websites support the new communications protocol. Nefarious IPv6 tools exist that can be used for malicious online activity, even if the tools are intended to facilitate communication between the IPv6 and IPv4 protocols. There is a common misconception that IPv6 is more secure than IPv4, which is not necessarily true. The threat of malware in IPv6 is real, regardless of native or tunneled implementations. zvelo pointed out some challenges in supporting IPv6 while upgrading its own infrastructure. As a follow-up, here are some notable IPv6 malware examples that vendors should consider for their own web filtering, parental controls, anti-virus, network and other security software solutions.

Phishing Alert: Rejected Federal Tax Payment Scam

zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.

Malware Distribution Point Detection – a Case Study

The media consistently warns people that clicking on links within emails from unknown sources can be dangerous. What about links in seemingly harmless emails received from trusted individuals? More so, what if the URL of said link points to a familiar website? In recent weeks, zveloLABS® has identified several websites that appear benign in nature at first glance, but after further analysis these sites have been categorized as malware distribution points. What made the following case study interesting is that none of the well-known Internet blacklists and malware analysis tools flagged these URLs as being malicious. The following analysis shows how these trusted control mechanisms were circumvented with nothing more than a guise and a fundamental understanding of how the Internet operates.

Hybrid Scam Abuses Social Media, e-Mail and SMS Text Messaging

It’s hard to imagine unsolicited spam getting any more annoying. One way would be to receive it from three different sources and at the same time, which is precisely the type of hybrid spam campaign zveloLABS™ recently unearthed. The scam abuses Facebook, e-mail and SMS text messaging simultaneously to bombard unsuspecting victims with various “offers.”

8 Easy Tips to Avoid Hackers & Scammers on Social Sites

The rapid growth and popularity of social networking sites like Facebook and Twitter has wrought a seismic and lasting change to the Internet. The Web has evolved from a source of static information to a proxy of real world interaction. These changes have evolved to make the virtual world of the Internet as dangerous as the real world in a number of ways.  A number of recent articles, studies and reports have been published regarding the safety, privacy and security of the Internet and the particular challenges posed by the dynamic, unmoderated world of social networking websites.

Red Button SEO Poisoning and Malware Campaign

zveloLABS™ has been tracking a new campaign by cybercrooks, compromising and creating websites for use in SEO poisoning and malware distribution. Thousands of these sites have been detected which use elaborate techniques to trick search engines and are ready to serve malware in an instant.

Introduction to Rogue Anti Virus

This post is for those users who are not already familiar with this widespread and common threat known as “Rogue AV,” or fake anti-virus software.