Malware – S3lab http://s3lab.deusto.es S3lab Security Blog Wed, 06 May 2020 12:51:35 +0000 en-US hourly 1 https://wordpress.org/?v=5.1.5 How hacking could change history http://s3lab.deusto.es/hacking-change-history/ Thu, 06 Sep 2018 09:57:06 +0000 http://s3lab.deusto.es/?p=10018 Although hacking began as simple entertainment for a group of enthusiastic young people, much has changed since then. Today, all countries have, to a greater or lesser extent, a response or attack group of this type. The clearest examples would

Read more ›

The post How hacking could change history appeared first on S3lab.

]]> Although hacking began as simple entertainment for a group of enthusiastic young people, much has changed since then. Today, all countries have, to a greater or lesser extent, a response or attack group of this type. The clearest examples would be the NSA and the CERT / CC (in which I had the luck to be able to work temporarily) of the United States. We are living what will be remembered as the beginning of digital wars, where soldiers use keyboards instead of automatic rifles.

The post How hacking could change history appeared first on S3lab.

]]> All that glitters is not cryptomining, but almost http://s3lab.deusto.es/all-cryptomining-almost/ Thu, 12 Apr 2018 11:21:28 +0000 http://s3lab.deusto.es/?p=9817 There is a new trend in the world of malware, called cryptojacking. In many wars they used enemy prisoners to mine minerals, this would be similar to this case but transferred to the 21st century. It consists in using the

Read more ›

The post All that glitters is not cryptomining, but almost appeared first on S3lab.

]]> There is a new trend in the world of malware, called cryptojacking. In many wars they used enemy prisoners to mine minerals, this would be similar to this case but transferred to the 21st century. It consists in using the equipment of the victims of the malware for mining  cryptocurrencies. In recent times, the ransomware has become one of the most common types of malware, but it seems that the cryptojacking is removing the post by leaps and bounds.

The post All that glitters is not cryptomining, but almost appeared first on S3lab.

]]> A simple click can generate a logic explosion http://s3lab.deusto.es/click-logic-explosion/ Thu, 15 Feb 2018 10:57:34 +0000 http://s3lab.deusto.es/?p=9728 Not all malware executes its malicious payload instantly as soon as they are downloaded and executed for the first time. Many times, these are kept in the shadow and are triggered only when a certain situation occurs (something like an

Read more ›

The post A simple click can generate a logic explosion appeared first on S3lab.

]]> Not all malware executes its malicious payload instantly as soon as they are downloaded and executed for the first time. Many times, these are kept in the shadow and are triggered only when a certain situation occurs (something like an intelligent wick). This type of malware is called “logic bomb”.

The post A simple click can generate a logic explosion appeared first on S3lab.

]]> Everything started with the USB of that hacker http://s3lab.deusto.es/everything-started-usb-hacker/ Sat, 09 Dec 2017 13:48:29 +0000 http://s3lab.deusto.es/?p=9584 When someone finds out that your computer is infected, a question automatically pops up in your mind, how has this happened? First you think about the recent files downloaded / installed, then in the visited pages, and if no answer

Read more ›

The post Everything started with the USB of that hacker appeared first on S3lab.

]]> When someone finds out that your computer is infected, a question automatically pops up in your mind, how has this happened? First you think about the recent files downloaded / installed, then in the visited pages, and if no answer appears in the preceding cases, you end up desisting and cursing the situation. Although I would not dare to say that the third possible option that I will explain is the most common, it is certainly one.

The post Everything started with the USB of that hacker appeared first on S3lab.

]]> Spear Phishing, adapting hooks to targets http://s3lab.deusto.es/spear-phishing-adapting-hooks/ Thu, 19 Oct 2017 09:57:25 +0000 http://s3lab.deusto.es/?p=9497 Although many of you may have heard of phising, even been victims of some in the worst case, you are not so familiar with the next evolutionary step: spear phishing. Starting from the ground up, phishing is based on fooling

Read more ›

The post Spear Phishing, adapting hooks to targets appeared first on S3lab.

]]> Although many of you may have heard of phising, even been victims of some in the worst case, you are not so familiar with the next evolutionary step: spear phishing. Starting from the ground up, phishing is based on fooling users into sharing sensitive information such as passwords, usernames or even credit card details. In some situations it is also often related to the distribution of malware.

The post Spear Phishing, adapting hooks to targets appeared first on S3lab.

]]> That malware knows that they are watching it http://s3lab.deusto.es/malware-knows-watching/ Thu, 27 Apr 2017 18:29:11 +0000 http://s3lab.deusto.es/?p=9020 It is extremely common for advanced malware not only to hide its code with different packers, but also to try to detect if it is being analyzed dynamically through a sandbox. If they realize that they are watching it, they

Read more ›

The post That malware knows that they are watching it appeared first on S3lab.

]]> It is extremely common for advanced malware not only to hide its code with different packers, but also to try to detect if it is being analyzed dynamically through a sandbox. If they realize that they are watching it, they will modify their behavior to hide their malicious functionality and show completely innocuous functions. In this way, the analysis system will classify the sample as benign and can infect the target system without any problems.

The post That malware knows that they are watching it appeared first on S3lab.

]]>