Diwakar Dinkar

Diwakar Dinkar is a Research Scientist with McAfee Labs. He has worked in this field for five years and specializes in reverse engineering. He enjoys working on latest threats and figuring out ways to protect customers from them. His hobbies include playing cricket and reading newspapers.
McAfee Labs has recently observed a new variant of ransomware that relies on the open-source program GNU Privacy Guard (GnuPG) to encrypt data. GnuPG is a hybrid-encryption software program that uses a combination of conventional symmetric-key cryptography for speed and public-key cryptography to ease the secure key exchange. Although ransomware using GnuPG to encrypt files ...
Read Blog
Attacks by macro malware carrying ransomware are growing, as we have recently reported. Since early March we have seen macro malware using high-obfuscation algorithms to hide itself from static and traditional antimalware detection techniques. Macro malware continues to evolve and use new tricks to evade detection. In addition to these evasion techniques, McAfee Labs researchers have ...
Read Blog
McAfee Labs has seen a huge increase in Locky ransomware in recent months (discussed in an earlier blog). Locky is aggressively distributed via a JavaScript-based downloader sent as an attachment in spam emails. Since its first variant Locky has taken advantage of compromised domains to download its malicious executable. Recently it has downloaded a malicious dynamic link ...
Read Blog
The ransomware Nemucod has been very prevalent in the last few months. Nemucod's habit of frequently changing its delivery mechanism and infection vector to evade detection makes this threat very challenging to security researchers. Recently, we observed in the wild a new variant of Nemucod that shows another change. This variant downloads a PHP file along ...
Read Blog
During the past couple of weeks, McAfee Labs has observed a huge increase in spam related to Nivdort, a malicious file that usually arrives as a .zip attachment and tries to download other malware. This malware can steal a victim’s credentials, including personal details related to online shopping, banking, and other social networking websites. Nivdort’s spam ...
Read Blog
In recent weeks, McAfee Labs has analyzed a recently discovered banking Trojan that combines elements from multiple malware tools. Shifu has circulated since April, and attacks primarily Japanese banks. Installation This malware arrives as a file dropped by other malware or as a file downloaded unknowingly by users when visiting compromised sites. Upon installation the malware ...
Read Blog