Meet ‘Tox’: Ransomware for the Rest of Us
The packaging of malware and malware-construction kits for cybercrime “consumers” has been a long-running trend. Various turnkey kits that cover...
Update on the Beebone Botnet Takedown
On April 8, the takedown operation for the polymorphic botnet known as Beebone successfully concluded. This action redirected traffic from...
Taking a Close Look at Data-Stealing NionSpy File Infector
This blog was written by Sanchit Karve. W32/NionSpy is a family of malware that steals information from infected machines and...
VaultCrypt Ransomware Hides Its Traces While Stealing Web Credentials
Since the beginning of the year we have seen a spike in ransomware including the emergence of new ransomware families....
Takedown Stops Polymorphic Botnet
Several global law enforcement agencies—with assistance from McAfee —this week successfully dismantled the “Beebone” botnet behind a polymorphic worm known...
The Rise of Backdoor-FCKQ (CTB-Locker)
By Raj Samani (@Raj_Samani) and Christiaan Beek (@ChristiaanBeek) In the McAfee Labs Threats Report published in November 2014, Senior Vice...
InstallCube: How Russian Programmers Turn Adware Into Cash
We often observe applications bundled with ad-displaying programs to generate revenue for those products. These are not necessarily unethical, but...
At McAfee, Protecting Customers Takes Precedence Over Seeking Headlines
One question I often hear is “When will McAfee publish a report on the latest threat?” It seems to be...
Win32/Syndicasec Used In Targeted Attacks Against Indian Organizations
During the last couple of months, we’ve observed several RTF exploits that target Indian organizations. The first RTF exploit was...
Bypassing Microsoft’s Patch for the Sandworm Zero Day
This is the second part of our analysis of the Sandworm OLE zero-day vulnerability and the MS14-060 patch bypass. Check out...
