Marap Malware


A new malware strain named Marap is currently being distributed via massive waves of spam emails carrying malicious attachments (malspam).

The malware is neither a banking trojan, a remote access trojan (RAT), nor ransomware, but a malware downloader (also referred to as a malware loader or malware dropper).

Marap is a slim malware strain that infects victims, fingerprints their systems, and sends this information back to a central command & control (C&C) server.

Marap later downloads specific modules, chosen according to the victim’s profile and the instructions it receives from the C&C server and the malware’s authors.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Marap malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from cryptomining malware.

 

 

CVE-2017-13106


Cheetahmobile CM Launcher 3D – Theme, wallpaper, Secure, Efficient, 5.0.3, 2017-09-19, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.

Source: CVE

How do you protect yourself?

If available, update your device’s system version of Android and apply any available Google Play / Apple Store updates to installed apps.

Dharma Ransomware


A new variant of the Dharma Ransomware was discovered that appends the .cmb extension to encrypted files.

The Dharma Ransomware family, including this Cmb variant, is installed manually by attackers hacking into computers over Remote Desktop Protocol Services (RDP). The attackers will scan the Internet for computers running RDP, usually on TCP port 3389, and then attempt to brute force the password for the computer.

Once they gain access to the computer they will install the ransomware and let it encrypt the computer. If the attackers are able to encrypt other computers on the network, they will attempt to do so as well.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Dharma Ransomware and similar threats. Having proper up-to-date endpoint and firewall security provides a cross-generational blend of threat defense techniques to protect systems from malware.
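
A defender's check for the RDP password-guessing pattern described above, as an added example that is not from BleepingComputer or this bulletin: it scans Windows Security log records for bursts of failed remote logons (event 4625) from one source address and notes whether a successful logon (4624) followed. The sample records, the threshold and the time window are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records: (time, event_id, logon_type, source_ip, account).
# 4625 = failed logon, 4624 = successful logon. LogonType 10 is RemoteInteractive
# (RDP); 3 is Network, which is how failed RDP logons often appear with NLA on.
SAMPLE_EVENTS = [
    ("2018-08-20T02:10:00", 4625, 3, "203.0.113.50", "administrator"),
    ("2018-08-20T02:10:05", 4625, 3, "203.0.113.50", "administrator"),
    ("2018-08-20T02:10:11", 4625, 3, "203.0.113.50", "admin"),
    ("2018-08-20T02:10:16", 4625, 3, "203.0.113.50", "admin"),
    ("2018-08-20T02:10:22", 4625, 3, "203.0.113.50", "backup"),
    ("2018-08-20T02:10:27", 4625, 3, "203.0.113.50", "admin"),
    ("2018-08-20T02:10:33", 4624, 10, "203.0.113.50", "admin"),
    ("2018-08-20T09:01:00", 4625, 10, "198.51.100.7", "jsmith"),
    ("2018-08-20T09:01:20", 4625, 10, "198.51.100.7", "jsmith"),
    ("2018-08-20T09:01:45", 4624, 10, "198.51.100.7", "jsmith"),
    ("2018-08-20T09:30:00", 4625, 2, "-", "kiosk"),  # local console, ignored
]
REMOTE_LOGON_TYPES = {3, 10}

def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag source IPs with >= threshold failed remote logons inside the window."""
    recent = defaultdict(deque)   # per-IP sliding window of (time, account)
    findings = {}
    for ts, event_id, logon_type, ip, account in sorted(events):
        if logon_type not in REMOTE_LOGON_TYPES:
            continue
        when = datetime.fromisoformat(ts)
        if event_id == 4625:
            q = recent[ip]
            q.append((when, account))
            while when - q[0][0] > window:      # drop failures older than window
                q.popleft()
            if len(q) >= threshold:
                hit = findings.setdefault(ip, {"peak_failures": 0,
                                               "accounts": set(),
                                               "success_after_burst": None})
                hit["peak_failures"] = max(hit["peak_failures"], len(q))
                hit["accounts"].update(a for _, a in q)
        elif event_id == 4624 and ip in findings:
            # A success after a failure burst suggests the guess worked.
            if findings[ip]["success_after_burst"] is None:
                findings[ip]["success_after_burst"] = account
    return findings

if __name__ == "__main__":
    for ip, hit in detect_rdp_bruteforce(SAMPLE_EVENTS).items():
        print(ip, hit)
```

A source address with a non-empty `success_after_burst` is the case to triage first, since it matches the point at which the attackers gain access and install the ransomware.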