Top Four Tips to Mitigate Ransomware Attacks Like Petya

by Eric Watkins, Senior Malicious Detection Researcher at zvelo

Ransomware and malware attacks are not going away anytime soon; rather, they are becoming increasingly common. Last month we wrote about the ransomware campaign WannaCry, and now we’ll discuss yesterday’s ransomware campaign, Petya, which exploits another one of the many vulnerabilities released…

IoT, Botnets and DDOS: Avoid Becoming Part of the Problem

Recently, hackers successfully unleashed a massive Distributed Denial of Service (DDoS) attack that swiftly knocked some popular websites offline, including Twitter, Spotify, Amazon and even GitHub. DDoS attacks are of course nothing new, but the latest attack was unique, primarily because of its scale,…

Phishing Alert: Rejected Federal Tax Payment Scam

zveloLABS detected a suspicious-looking email purporting to come from the Electronic Federal Tax Payment System (EFTPS) of the U.S. Treasury Department. This email is fraudulent and claims that “Your Federal Tax Payment ID has been rejected.” The payment rejection is falsely attributed to the use of an invalid identification number. Here is an example of the actual phishing email (see image 01), followed by some observations that should raise red flags about its validity.

Malware Distribution Point Detection – a Case Study

The media consistently warns people that clicking on links within emails from unknown sources can be dangerous. But what about links in seemingly harmless emails received from trusted individuals? Moreover, what if the URL of such a link points to a familiar website? In recent weeks, zveloLABS® has identified several websites that appear benign at first glance, but after further analysis these sites have been categorized as malware distribution points. What made the following case study interesting is that none of the well-known Internet blacklists and malware analysis tools flagged these URLs as malicious. The following analysis shows how these trusted control mechanisms were circumvented with nothing more than a guise and a fundamental understanding of how the Internet operates.