Diwakar Dinkar

Diwakar Dinkar is a Research Scientist with McAfee Labs. He has worked in this field for five years and specializes in reverse engineering. He enjoys working on latest threats and figuring out ways to protect customers from them. His hobbies include playing cricket and reading newspapers.
The Adwind remote administration tool (RAT) is a Java-based backdoor Trojan that targets various platforms supporting Java files. For an infection to occur, the user must typically execute the malware by double-clicking on the .jar file that usually arrives as an email attachment. Generally, infection begins if the user has the Java Runtime Environment installed. ...
Read Blog
McAfee Labs has recently observed a new variant of ransomware that relies on the open-source program GNU Privacy Guard (GnuPG) to encrypt data. GnuPG is a hybrid-encryption software program that uses a combination of conventional symmetric-key cryptography for speed and public-key cryptography to ease the secure key exchange. Although ransomware using GnuPG to encrypt files ...
Read Blog
Attacks by macro malware carrying ransomware are growing, as we have recently reported. Since early March we have seen macro malware using high-obfuscation algorithms to hide itself from static and traditional antimalware detection techniques. Macro malware continues to evolve and use new tricks to evade detection. In addition to these evasion techniques, McAfee Labs researchers have ...
Read Blog
McAfee Labs has seen a huge increase in Locky ransomware in recent months (discussed in an earlier blog). Locky is aggressively distributed via a JavaScript-based downloader sent as an attachment in spam emails. Since its first variant Locky has taken advantage of compromised domains to download its malicious executable. Recently it has downloaded a malicious dynamic link ...
Read Blog
The ransomware Nemucod has been very prevalent in the last few months. Nemucod's habit of frequently changing its delivery mechanism and infection vector to evade detection makes this threat very challenging to security researchers. Recently, we observed in the wild a new variant of Nemucod that shows another change. This variant downloads a PHP file along ...
Read Blog
During the past couple of weeks, McAfee Labs has observed a huge increase in spam related to Nivdort, a malicious file that usually arrives as a .zip attachment and tries to download other malware. This malware can steal a victim’s credentials, including personal details related to online shopping, banking, and other social networking websites. Nivdort’s spam ...
Read Blog