Threat Research

It’s what we do.

WhatsApp Spam Emails Making a Comeback

June 1, 2015By Daniel Slattery

In 2013 we shared a series of blog posts about several WhatsApp scams making the rounds redirecting people to pharmaceutical sites and malware. In recent weeks we have seen that these scams have made a…read more

Rombertik

May 6, 2015By Tyler Moffitt

Yesterday in the news we saw a huge spike in the interest of the Rombertik malware. Rombertik infiltrates the computer through email phishing attacks that drop as a .scr screen saver executable that contains the malware that…read more

AlphaCrypt

May 4, 2015By Tyler Moffitt

We’ve encountered yet another encrypting ransomware variant and at this point it’s expected since the scam has exploaded in popularity since it’s inception in late 2013. This one has a GUI that is almost…read more

Fake Security Scams – 2015 Edition

April 27, 2015By Roy Tobin

New Year, Similar Scams In 2013,  I wrote an article talking about the popular Fake Microsoft Security Scams that were doing the rounds. As expected, these type of scams have continued to grow…read more

Lenovo Support Page Hacked

February 25, 2015By Richard Melick

In possible retaliation to the Superfish MITM software installed on Lenovo consumer machines, hackers looking to be representing Lizard Squad have hacked Lenovo’s support page through DNS hijack.  Currently, if you head to http://support.lenovo.com/us/en/product_security/superfish,…read more

CoinVault

November 14, 2014By Tyler Moffitt

  Today we encountered a new type of encrypting ransomware that looks to be of the cryptographic locker family. It employs the same method of encryption and has a very similar GUI (kills VSS,…read more

We analyze Cryptobot, aka Paycrypt

November 7, 2014By Tyler Moffitt

Recently during some research on encrypting ransomware we came across a new variant that brings some new features to the table. It will encrypt by utilizing the following javascript from being opened as an attachment…read more

Cryptographic Locker

September 5, 2014By Tyler Moffitt

It seems as though every few weeks we see a new encrypting ransomware variant. It’s not surprising either since the business model of ransoming files for money is tried and true. Whether it’s important work…read more

true