cryptojacking

Adwind: Malware-as-a-Service Platform

Java/Adwind is typically spread as an executable file attached to spam email messages. When the file attachment is launched, the archive file drops malicious components onto the system, then continues to run in the background. On a Windows machine, the components are dropped to the %AppData% folder. When running in the background, the Adwind archive […]

Adwind: Malware-as-a-Service Platform Read More »

Troldesh Ransomware

Troldesh Ransomware

Troldesh aka Encoder.858 or Shade is a Trojan and a crypto-ransomware variant created in Russia and spread all over the world. Troldesh is based on so-called encryptors that encrypt all of the user’s personal data and extort money to decrypt the files. Troldesh encrypts a user’s files with a “.xtbl” extension. Troldesh is spread initially

Troldesh Ransomware Read More »

MDS-Micro architectural Data Sampling

MDS is a family of vulnerabilities in different (related) components of the processor. Unlike Meltdown, MDS doesn’t allow an attacker to directly control the target memory address from which they would like to leak data. Instead, MDS is a form of “sampling” attack in which an attacker can leverage cache side-channel analysis to repeatedly measure

MDS-Micro architectural Data Sampling Read More »