Threat Post

Locky Ransomware, Kovter Click-Fraud Malware Spreading in Same Campaigns

Locky ransomware and Kovter click-fraud malware are being spread in the same email campaign for the first time, with malicious .lnk files being used to infect computers. Researchers at Microsoft’s ...
Bleeping Computer

Malicious Windows 'LNK' attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. LNKs are Windows shortcut files that can ...
CSOonline

Malware builder uses fresh tactics to hit victims with Agent Tesla RAT

A recently discovered malware builder sold on the dark web, Quantum Builder, is being used in a new campaign featuring fresh tactics to deliver the Agent Tesla .NET-based keylogger and remote access ...
Ars Technica

Can someone analyze this MALWARE string?

It's not particularly surprising, as that bit of code doesn't actually seem to contain the malware. It's shady as all fuck, but it depends on the existence of the .lnk file to actually do anything. If ...
PC World

Beware! Malware distributors are switching to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users. Last week, researchers from the ...
Dark Reading

Up Close with Evilnum, the APT Group Behind the Malware

Researchers today published an analysis of advanced persistent threat (APT) group Evilnum, known for developing malware of the same name. A detailed look at its activity reveals an evolved toolset and ...
CSOonline

Malware distributors are switching to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users. Last week, researchers from the ...