
Silobreaker’s Daily Cyber Digest – 26 Feb 2016

Trun Ransomware
Security and malware bloggers have noticed a new and highly encrypted ransomware that is beginning to circulate on the internet. Labelled Trun, this malware uses the traditional ransomware methodology of encrypting files and demanding payment for a decryption key. To do this, Trun makes use of the open-source GnuPG encryption tool, coupled with 1024-bit RSA.

Trun is currently using a varied range of delivery methods and has been spotted in spam email attachments, P2P sharing platforms, malicious websites and compromised third-party programs. At present it is circulating primarily in Europe and its ransom demands are in the range of €500.

KeyBase Keylogger
A software-based keylogger that was believed to be redundant has begun to resurface after its build was leaked online and a variety of actors began to use it. The KeyBase Keylogger has the capacity to record and copy keystrokes, steal data from a user’s clipboard and take screenshots of desktops and websites.

KeyBase was developed and popularised in the summer of 2015 when its creator was selling it online for €50. He was quickly arrested and promised to halt production, which reduced its usage.

However, a report by Palo Alto has demonstrated that after the software’s build was leaked, its usage has skyrocketed, with thousands of unique samples being recorded each month.

The software is currently most active in India, China and South Korea, but usage is thought to still be on the rise as more and more criminals begin to adopt the software.

The Silobreaker Team
