McAfee Labs

McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang Linked to Top Malware CTB Locker

In our recent research, we interviewed the actors behind ransomware campaigns. One of the interesting findings was that cybercriminals seemed to have a sense of absolute safety when conducting criminal operations. Cybercrime is an area of crime like no other, perceived as low-risk with high returns, which contributes greatly to its rapid growth.

McAfee Labs

Emotet Downloader Trojan Returns in Force

During the past couple of days, we have seen an increase in activity from Emotet. This Trojan downloader spreads by emails that lure victims into downloading a Word document, which contains macros that, after executing, employ PowerShell to download a malicious payload. We have observed Emotet downloading a variety of payloads, including ransomware, Dridex, Trickbot, …


Securing IoT, Not a Mission Impossible

At the McAfee MPOWER Cybersecurity Summit in Las Vegas on Oct. 18, I had the privilege of sharing the stage with Dr. Alissa Johnson, Xerox VP & Chief Information Security Officer (CISO) to discuss how those responsible for cybersecurity must consider threats to the IoT landscape as mission-critical components to their security strategy. I asked …

McAfee Labs

‘BadRabbit’ Ransomware Burrows Into Russia, Ukraine

This post was researched and written by Christiaan Beek, Tim Hux, David Marcus, Charles McFarland, Douglas McKee, and Raj Samani. McAfee is currently investigating a ransomware campaign known as BadRabbit, which initially infected targets in Russia and the Ukraine. We are also investigating reports of infected systems in Germany, Turkey, and Bulgaria and will provide updates …

Business, Consumer, Executive Perspectives, McAfee Labs

NoMoreRansom – One year on!

One year on. It is fair to say that the No More Ransom project not only exceeded our expectations, but simply blew these initial expectations out of the water. A collaboration between six partners (McAfee, EC3, Dutch Police, Kaspersky Lab, AWS and Barracuda) has now grown to include more than 100 partners across the public and private sector. We often hear people talk about Public-Private Partnerships, but here is a true example of that commitment in action.

Executive Perspectives, McAfee Labs, Neutralize Threats, Technical How To

An Analysis of the WannaCry Ransomware Outbreak

Charles McFarland was a coauthor of this blog. Over the course of Friday, May 12 we received multiple reports of organizations across multiple verticals being victim to a ransomware attack. By Friday afternoon, McAfee’s Global Threat Intelligence system was updated to identify all known WannaCry samples and the company had delivered DAT signature updates to …

McAfee Labs

Mirai Botnet Creates Army of IoT Orcs

This post was based on analysis by Yashashree Gund and RaviKant Tiwari. There is a lot of speculation in the news about surveillance from home appliances, personal electronics, or other Internet of Things (IoT) devices. Although some statements may be hyperbole, we know that these devices, in homes and offices, are being compromised and used …


Are Printers Becoming Yet Another IoT-Based Threat?

Over the past couple of months, a lot has been written about the Mirai botnet that was targeting vulnerable devices connected to the Internet. And based on the embedded password list, we can determine that the targets were diverse, from IP cameras, DVRs, TV receivers, and routers to printers. Printers? Yes, printers. Over the years, these devices …

Business, McAfee Labs

CHIPSEC Support Against Vault 7 Disclosure Scanning

Following recent WikiLeaks Vault 7 disclosures, including details regarding firmware vulnerabilities, there has been significant concern regarding the integrity of devices and operating systems used within society. As part of our commitment to provide technology that can preserve the integrity of devices we rely upon, we have developed a simple module for the CHIPSEC framework …


UPDATE: Over 1000 InterContinental Hotels Become the Subject of Major Credit Card Breach

Update 4/25: The InterContinental Hotels Group has recently released data stating that now point-of-sale servers at more than 1,000 of its properties were compromised with the malware used to steal customer debit and credit card data. The article has been updated to reflect these new numbers. Original Story: The InterContinental Hotels Group has found itself dealing …

McAfee Labs

Spotlight on Shamoon

Our analysis this month has pointed to Shamoon emerging in the Middle East. We have recently seen a number of similarities that we had highlighted in our earlier blogs (on The campaign continues to target organizations in the Middle East from a variety of verticals. Reports suggest that a further 15 disk-wiping Shamoon incidents …