Researchers are monitoring sales and infection rates of a new keylogger being sold on the dark web for $25 to $35.
Along with capturing keystrokes, iSpy grabs passwords stored in web browsers, records Skype chats, takes webcam screenshots and steals the license keys of software such as Adobe Photoshop and Microsoft Office.
An exponential rise in malware means employees are at the highest risk ever of accidentally installing malicious software onto the enterprise network - and it happens every four seconds within the average company, a new report has warned.
Cybersecurity researchers at Check Point analysed information on over 30,000 security events discovered by the company's ThreatCloud prevention software at more than 1,000 companies across the globe.
They found that employees in industry, finance, government and other sectors are very much taking a cavalier attitude to cybersecurity and downloading potentially harmful files to the company network.
Unknown malware, meaning malicious software that isn't yet recognised by security systems, is what employees are most likely to download, and according to the report it happens every four seconds on average across the organisations analysed. The figure adds up to 971 unknown malware downloads per hour, nine times more than the previous year, when the figure was 106 downloads per hour.
In the past, we’ve seen advertising applications such as Leech, Guerrilla and Ztorg exploit superuser rights. This use of root privileges is not typical, however, for banking malware attacks, because money can be stolen in numerous other ways that don’t require exclusive rights. However, in early February 2016, Kaspersky Lab discovered Trojan-Banker.AndroidOS.Tordow.a, whose creators decided that root privileges would come in handy. We had been watching the development of this malicious program closely and found that Tordow’s capabilities had significantly exceeded the functionality of most other banking malware, and this allowed cybercriminals to carry out new types of attacks.
Just when we thought ransomware’s evolution had peaked, a new strain has been discovered that forgoes the encryption of individual files, and instead encrypts a machine’s hard drive.
The malware, called Mamba, has been found on machines in Brazil, the United States and India, according to researchers at Morphus Labs in Brazil. It was discovered by the company in response to an infection at a customer in the energy sector in Brazil with subsidiaries in the U.S. and India.
Renato Marinho, a researcher with Morphus Labs, told Threatpost that the ransomware is likely being spread via phishing emails. Once it infects a machine, it overwrites the existing Master Boot Record with a custom MBR, and from there, encrypts the hard drive.