Threat Intelligence Report: VPNFilter

We have been made aware of a new type of malware. The exploit, called VPNFilter, can be used to render an infected device inoperable by deleting the files necessary for normal operation. VPNFilter is a multi-platform, multi-phase exploit with a diverse range of capabilities, including credential stealing and traffic injection. Read the …


Threat Intelligence Report: Vega Stealer

We have been made aware of a type of malware called ‘The Vega Stealer Malware’, which is a variant of the ‘August Stealer’ malware. This threat includes credential-stealing functionality that targets saved login credentials and credit card details stored in Chrome. The malware is spread via email attachments …

Threat Intelligence Report: Syn/Ack

We have been made aware of the latest form of ransomware to threaten organisations. SynAck ransomware adopts a new technique to infect computers - the ‘Doppelgänger’ approach. With the aim of infecting systems and encrypting victims’ files, SynAck uses this approach to transform files in order to bypass and avoid detection from anti-virus software. A demand is then made for a fee in order to release the files.

Threat Intelligence Report: FacexWorm

The Invinsec Threat Intelligence Analysts have discovered a new malware exploit that is being seen on the web. Researchers first discovered the exploit in August 2017, and it was removed from the Chrome Web Store immediately afterwards. In April 2018, researchers discovered a repackaged version of the malware with a few tweaks, which had the additional capability to steal Facebook, Google and cryptocurrency credentials, amongst others.