Ransomware Race (Part 4): Adult Content, Browlock's Staying Power
Lately, our eyes have been caught by the rise of Ransomware families. It is very evident that the bad guys are constantly developing this type of malware family as seen in our previous posts about...
View ArticleData vs. Metadata
Google uses HTTPS for all search queries. That's good, because it means that all of the questions you ask (a.k.a. your data) will be encrypted. However… regardless of HTTPS, inferences about your...
View ArticleRansomware Race (part 5): SynoLocker's unkept promises
We believe you should never pay a ransom to online criminals. The reason is quite simple. File-encrypting ransomware holds the victim's personal files "at ransom" until a payment is made. For the...
View ArticlePitou Q&A
What is Pitou?A recently spotted spambot malware that shares many similarities from the notorious kernel-mode spambot Srizbi. After further analysis, we confirmed it is a revival of Srizbi. We named...
View ArticleWi-Fi Sense?
Windows Phone 8.1 (Lumia Cyan) updates are currently rolling-out to various Lumia devices. One of the new features is Microsoft's "Wi-Fi Sense" which will automatically connect to Wi-Fi networks and...
View ArticleSecurity. Privacy. Identity.
Key components of digital freedom:This is F-Secure Labs. On 05/09/14 At 12:07 PM
View ArticleH1 2014 Threat Report
Our latest Threat Report is now available.The report includes our statistics, incidents calendar and threatscape summaries for H1(Q1+Q2) 2014.Download: H1 2014 Threat Report [PDF]Additional case...
View ArticleA Twitch of Fate: Gamers Shamelessly Wiped Clean
Twitch.tv is a video gaming focused live streaming platform. It has more than 50 million viewers and was acquired by Amazon.com in August for nearly a billion dollars.We recently received a report from...
View ArticleWhy do Apple's security questions still suck?
It's been two weeks, so why do Apple's security questions still suck?Here's an example of questions you'll be asked when you create an Apple ID:And here's the full list…Security Question 1: • What...
View ArticlePaying For Content
I remember setting up our first website. That was 20 years ago, in 1994. When the Web was very young and there were only a handful of websites, it was easy to forecast that the Web was going to grow....
View ArticleCosmicDuke and the latest political news
After we had published the CosmicDuke report in July 2014, we continued to actively follow the malware. Today, we discovered two new samples that both leverage timely, political topics to deceive the...
View ArticleNotice: Freedome v2.0.1 Issue on iOS 8
If you (like me) have an Apple device running iOS 8 and use F-Secure Freedome, please avoid updating to version 2.0.1.If you (like me) have already updated, you may see this after opening the app:Do...
View ArticleBlackEnergy 3: An Intermediate Persistent Threat
We have a new white paper available.BlackEnergy & Quedagh: The convergence of crimeware and APT attacksThe paper's author, Broderick Aquilino, first wrote about BlackEnergy in June: •...
View ArticleAre malware authors targeting people via marketing services?
We spotted an interesting case of a person complaining about e-mail malware with social engineering content which hits home almost too well, and decided to investigate a bit.The person had been...
View ArticleTerms of Service
We recently published a report called "Tainted Love — How Wi-Fi Betrays Us" as part of a public Wi-Fi experiment.The project required a "terms of service" and so for a bit of fun we added something…...
View ArticleCryptoWall updated to 2.0
One of this summer's most followed ransomware families is CryptoWall. Over time CryptoWall has seen minor updates and changes but its core functionality has stayed pretty much the same. Once a machine...
View ArticleNCR ATM API Documentation Available on Baidu
A recent ATM breach in Malaysia has caused havoc for several local banks. According to reports, approximately 3 million Malaysian Ringgit (almost 1 million USD) was stolen from 18 ATMs. There is no...
View ArticleBob and Alice Discover a Mac OPSEC Issue
The following is a true story. The names have been changed because the identity of those involved is none of your business.Bob uses Linux. Alice uses Mac. Bob gave Alice a file via FAT32 formatted USB...
View ArticleOne Doesn't Simply Analyze Moudoor
Today we are pleased to see an important milestone reached in a coordinated campaign against a sophisticated and well-resourced cyber espionage group. We have recently been participating in a...
View ArticleRATs threatening democracy activists in Hong Kong
Hong Kong has been in the headlines lately thanks to the Occupy central campaign (#occupycentral, #OccupyHK) and the umbrella revolution (#umbrellarevolution, #UmbrellaMovement). DPHK, Democratic...
View Article