Every day is zero-day when it comes to malware. New malware designed to evade traditional cyber defenses is being developed every day. The key is to know your enemy. Stay ahead of the threat landscape with these malware security alerts from Radware.
On May 3, 2018, Radware’s malware protection service detected a zero-day malware threat at one of its customers, a global manufacturing firm, by using machine-learning algorithms. This malware campaign is propagating via socially-engineered links on Facebook and is infecting users by abusing a Google Chrome extension (the ‘Nigelify’ application) that performs credential theft, cryptomining, click fraud and more.
On April 12, 2018, Radware’s threat research group detected malicious activity via internal feeds of a group collecting user credentials and payment methods from Facebook users across the globe.
Radware Cloud Malware Protection Service has detected and blocked a new evasive zero-day malware: a new variant of the FormBook malware family.
Radware’s Threat Research has recently discovered a new botnet, dubbed DarkSky. The DarkSky botnet features several evasion mechanisms, a malware downloader and a variety of network- and application-layer DDoS attack vectors. This bot is now available for sale for less than $20 over the Darknet.
Since 2015, the Radware Malware Research Team has been following CodeFork - a group of hackers who recently launched a new campaign with updated malware tools and infection techniques. This group distributes malware to be utilized across a number of use cases. The new campaign features advanced file-less evasion and persistence techniques, as well as a new module that mines Monero cryptocurrency.