• This is the Trend Micro detection for the Encryptor RaaS (Ransomware as a Service) that has the capability to set deadlines as well as for the ransom amount to increase. This new platform allows attackers and cybercriminals to create their own ransomware for free.
    Read more   

  • This TorrentLocker variant has the capability to double the amount of decryption after its 5-day deadline. It arrives via spam message purporting as a business email that targeted an Australian company.
    Read more   

  • This malware is related to the campaign that targeted TV and government-related websites in Hong Kong and Taiwan. In the said campaign, attackers used Flash exploits that emerged from the Hacking Team leak to deliver this PoisonIvy variant.
    Read more   

  • This malware is related to the campaign that targeted TV and government-related websites in Hong Kong and Taiwan. In the said campaign, attackers used Flash exploits that emerged from the Hacking Team leak to deliver PoisonIvy.
    Read more   

  • This Point-of-Sales (PoS) reconnaissance malware checks if the infected system is part of a PoS network or if it is a PoS machine. An attack uses Angler Exploit Kit to spread this PoS malware.
    Read more   

  • This is the detection for the Android malware that exploits local privilege escalation vulnerability in Android devices (CVE-2014-3153). During our monitoring of Hacking Team dump, our researchers spotted a fake news application that has capability to circumvent the filtering of Google Play.
    Read more   

  • This is the detection for the Java zero-day exploit (designated with CVE-2015-2590) that was used in the targeted attack campaign, Operation Pawn Storm. Once successfully exploited, it downloads another malware detected as TROJ_DROPPR.
    Read more   

  • This is the detection for the second stage malware related to the new Java zero-day exploit which was used in the targeted attack campaign, Operation Pawn Storm. In the second stage of the attack, it downloads this malware, which serves as a dropper of .
    Read more   

  • The malicious files <i>flash32.exe</i> and <i>kbflashUpd.
    Read more   

  • The malicious files <i>flash32.exe</i> and <i>kbflashUpd.
    Read more