Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
May 15, 2017

Adylkuzz Cryptocurrency Mining Malware Spreading for Weeks Via EternalBlue/DoublePulsar

Proofpoint researchers have discovered another massive ongoing attack using EternalBlue/DoublePulsar to spread the cryptocurrency miner Adylkuzz.

May 11, 2017

Jaff - New Ransomware From the Actors Behind the Distribution of Dridex, Locky, and Bart

Proofpoint Staff

Proofpoint researchers analyze new ransomware from the actors who brought us Dridex, Locky, and Bart.

May 10, 2017

Introducing Loda Malware

Proofpoint Staff

Proofpoint researchers describe a previously undocumented keylogger and remote access Trojan called Loda.

April 27, 2017

APT Targets Financial Analysts with CVE-2017-0199

Axel F

Proofpoint researchers track a China-based APT actor and their attacks on financial services analysts covering the telecommunications industry.

April 26, 2017

Facebook Spam Botnet Trades Account Access for Likes

Proofpoint Staff

Proofpoint researchers analyze a Facebook spam botnet that uses a legitimate app and the human factor to spam a major media company.

April 25, 2017

Philadelphia Ransomware Brings Customization to Commodity Malware

Proofpoint Staff

Proofpoint researchers track the changing ransomware landscape and examine the use of commodity ransomware in targeted attacks on healthcare organizations.

April 21, 2017

A Quiet Quarter Ends With a Bang: Proofpoint Q1 Threat Report

Proofpoint Staff

Proofpoint researchers track the latest trends in malware and online threats for the first quarter of the year.

April 10, 2017

Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day

Proofpoint Staff

Proofpoint researchers have discovered that Dridex actors are already using CVE-2017-0199, a Microsoft Word zero-day first publicly revealed this weekend and patched April 11.

April 04, 2017

High-Volume Dridex Banking Trojan Campaigns Return

Proofpoint Staff

Proofpoint researchers track several new high-volume Dridex campaigns - the first to hit millions of recipients since May 2016.

March 13, 2017

Mobile Malware Masquerades as POS Management App

Proofpoint Staff

Proofpoint researchers examine a new piece of mobile malware that purports to be a point-of-sale management app but is actually a powerful information stealer.