Latest News

We came across a new version of a cryptocurrency-mining RETADUP worm (detected by Trend Micro as WORM_RETADUP.G) through feedback from our managed detection and response-related monitoring. This new variant is coded in AutoHotKey, an open-source scripting language used in Windows for creating hotkeys (i.e., keyboard shortcuts, macros, software automation). AutoHotKey is relatively similar to the script automation utility AutoIt, on which RETADUP’s earlier variants were based and used for both cybercrime and cyberespionage.

We identified this threat via an endpoint — from an organization in the public sector — that had related malware artifacts (as RETADUP was promptly blocked). Further analyzing and correlating them based on their C&C protocol and our own RETADUP detections, we found that they were similar to other samples we sourced. These indicate that, at least for now, RETADUP’s operators — despite their history in deploying their malware in targeted attacks — are focusing on cybercriminal cryptocurrency mining.

The post Monero-Mining RETADUP Worm Goes Polymorphic, Gets an AutoHotKey Variant appeared first on .

SecurityWeek RSS Feed

Latest IT Security News and Expert Insights Via RSS Feed

Apple this week released patches to address a handful of security vulnerabilities in macOS, iOS, and Safari.


List of Latest threats - PANDA SECURITY

Collective Intelligence Monitor: virus activity recorded by Panda Security’s Collective Intelligence servers.

It is a critical vulnerability in the Windows Print Spooler service on Windows 2008/7/Vista/2003/XP computers, which allows hackers to gain remote control of the affected computer with the same...

Thanks to Collective Intelligence, Panda's exclusive cloud-computing technology, the company's 2010 solutions leverage the knowledge gathered from the community of millions of Panda users around the world. Each new file received is automatically classified within six minutes and the Collective Intelligence servers classify more than 50,000 new malware samples every day. These technologies correlate information on malware received from each computer to continuously improve the protection level for the worldwide community of users.

Malware News ≈ Packet Storm

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers