New Threat Advisory Report: Nettitude finds malicious content embedded in image files

Nettitude’s security researchers are always on the lookout for attack trends and changes in the cyber threat landscape. Our team has recently found malicious content embedded in Graphics Interchange Format (GIF) image files, which, when uploaded to a vulnerable server, can result in the complete or partial compromise of the host. The vulnerabilities targeted by […]

Nettitude’s new Cyber Threat Intelligence report reveals increase in targeted phishing emails

With the recent TalkTalk hack just the latest in a long line of high-profile data breaches that have taken place in recent years, our security researchers monitor changes in the global cyber threat landscape on an ongoing basis. Today, we have released a report into the activity that our research team has observed from our […]

Technical Analysis of ELF/Spylock.A Malware for GNU/Linux

Introduction: Nettitude recently obtained a sample of some malware intended to run on GNU/Linux-based servers, with the purpose of turning its host into a cut-out for anonymous forwarding of messages between other machines. We have seen no evidence of it causing direct harm to the machine on which it runs (beyond the unauthorised use of […]

Pony malware two years later

Overview: Two years after first gaining notoriety, the Pony Botnet remains very active. The malware is primarily targeted at the theft of user credentials from applications such as web browsers and email applications, for example, Outlook. Pony is also capable of stealing a victim’s bitcoin wallet. A typical attack is executed through the use of […]

Dridex Malware Steals Millions from Online Bank Accounts

Warnings were issued yesterday by the US Computer Emergency Readiness Team (CERT) and the UK National Crime Agency about a piece of malware called Dridex, which is used for stealing money from online bank accounts. The malware itself is not new; it first emerged in July 2014, and is considered the successor to a previous […]

New Malware Targets Financial Data

File Name: cclub14.exe
File Size: 1081833 bytes
Compile Time: 2015-06-17 08:36:37
Sections: 4
Hash MD5: 29cf881ca840424f2dba7c0952a94cfe
Hash SHA-1: 85461a14c12a2e3f3f0f1f10a8d68d73e4e891b4
Imphash: 7ee226ca53c7ca1c7999e440384c5b89

Summary: New malware that is not yet detected by most antivirus products was identified and studied by Nettitude yesterday. It targets financial information (in this case Bitcoin wallets). The malware has been designed to perform three […]