Cryptowall

October 15, 2015

SECURITY

Angler for Beginners in 34 Seconds

Post authored by Martin Rehak, Veronica Valeros, Martin Grill and Ivan Nikolaev. In order to complement the comprehensive information about the Angler exploit kit from our Talos colleagues [

June 5, 2015

THREAT RESEARCH

My Resume Protects All Your Files

This post was authored by Nick Biasini Talos has found a new SPAM campaign that is using multiple layers of obfuscation to attempt to evade detection.  Spammers are always evolving to get their messages to the end users by bypassing SPAM filters while still appearing convincing enough to get a user to complete the actions required […]

June 5, 2015

THREAT RESEARCH

Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense

This post was authored by Nick Biasini Late last week Talos researchers noticed a drastic uptick in Angler Exploit Kit activity. We have covered Angler previously, such as the discussion of domain shadowing. This exploit kit evolves on an almost constant basis. However, the recent activity caught our attention due to  a change to the URL […]

February 9, 2015

THREAT RESEARCH

Cryptowall 3.0: Back to the Basics

This post was authored by Andrea Allievi  & Earl Carter Ransomware continues to impact a large number of organizations and the malware continues to evolve. In January, we examined Cryptowall 2.0 and highlighted new features incorporated into the dropper and Cryptowall binary. When Cryptowall 3.0 appeared, we were interested in seeing what new functionality was […]

January 6, 2015

THREAT RESEARCH

Ransomware on Steroids: Cryptowall 2.0

This post was authored by Andrea Allievi and Earl Carter. Ransomware holds a user’s data hostage. The latest ransomware variants encrypt the user’s data, thus making it unusable until a ransom is paid to retrieve the decryption key. The latest Cryptowall 2.0, utilizes TOR to obfuscate the command and control channel. The dropper utilizes multiple […]