Updated July 17, 2019
The same cybercrime company ShadowGate is slowly launching a malware campaign around the world
The bug in Greenflash indicates the use of packages to save SEON, CryptoMiner and Pony Ransom
ShadowGate members, also known as VoiceJS, are concentrated in Asia, especially in South Korea.
For two years he worked for the same reasons and worked innovations with new classes around the world
This is a fantastic phenomenon. Malwarebytes and Trend Micro experts commented on the document with several questions.
Look at this week.
This is the biggest project we have seen in this group since 2016 in a blog post by Trend Micro
Its author is Joseph Chen.
Based on information posted on Microsoft’s website
The group, which began on June 7, grew significantly on June 21.
Passed aponia passed on June 24, 54.36 percent, Italy (26.68%), Germany (4.54%)
It’s the same competition as ShiGGate works there
Officials replaced the post with a needle and criticized it
Advertise your malware on popular pages. Taupale
Jerome Segura, Director of Information Solutions, told CBC Media
In this case, for example, virtual servers
Advertising in foreign stores is not like that.
Based on MalwareBeat blog
One of the sites involved was video videoconverter.com
The site receives 200 million visitors every month.
It is based on the decision of how to calculate the direction.
Mistakes bring another life
Greenfax Sunday Inc. After that, the skin begins to shine
Change this setting to search for the desired number in Adobe Flash Player
Payments are sent to PowerShell.
Using PowerShell is a new addition to GreenFlash Sundown.
Apparently, he’s still struggling to fix it.
Shade gates are too small to resist access.
Collection of fingers
The appropriate site contains information about the operating system, user name, video card.
Install hard drive and antivirus
Using PowerShell is fun because it helps
Look ahead to lose weight or not. For example, inside
In this case, make sure the area is not a newly developed machine.
Segura writes that a mediator is available if accepted.
One of the information we see in SEON Reda, if not on the server
Users of this site receive a blank reply.
SEON uses hidden rock files to delete shadow copy.
This makes it difficult to recover from attacks.
Malwarebytes knows the green light
At sunset E.K. Horses and money fall to the ground with the help of a weaver.
Choose the best download process.
See Segura's blog post.
The GreenFlash Sundown program found it closed the door.
Consumer trends in East Asia