article thumbnail

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. Now ZDNet has learned from sources close to the investigation that the Chinese hackers have used a zero-day flaw in the Trend Micro OfficeScan antivirus in the attack on Mitsubishi Electric.

Antivirus 145
article thumbnail

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

Severa ran several affiliate programs that paid cybercriminals to trick people into installing fake antivirus software. In 2011, KrebsOnSecurity dissected “SevAntivir” — Severa’s eponymous fake antivirus affiliate program — showing it was used to deploy new copies of the Kelihos spam botnet.

Antivirus 332
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. ” Meanwhile, the Jabber address masscrypt@exploit.im

Malware 251
article thumbnail

Windows Defender identified Chromium, Electron apps as Hive Ransomware

Security Affairs

Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware. Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus software to identify the app based on the Chromium browser engine or the Electron JavaScript framework as malware.

article thumbnail

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

NEROWOLFE A search on the ICQ number 669316 at Intel 471 shows that in April 2011, a user by the name NeroWolfe joined the Russian cybercrime forum Zloy using the email address d.horoshev@gmail.com , and from an Internet address in Voronezh, RU. 2011 said he was a system administrator and C++ coder.

article thumbnail

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Krebs on Security

Å korjanc and his hacker handle Iserdo were initially named in a Justice Department indictment from 2011 (PDF) along with two other men who allegedly wrote and sold the Mariposa botnet code. An advertisement for the ButterFly Bot. “TM passed this information on to Brian Krebs.”

article thumbnail

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The company was purchased by Intel in 2011 for more than $7.6bn.