ICSA Labs Blog: Malware

Protecting Your Mobile Phone from Ransomware [PART 2]

As consumers increasingly turn to their mobile phones for shopping, banking, working and internet browsing, cybercriminals have similarly begun to evolve their tactics to keep up with the growth in mobile phone usage. 

Protecting your PC from Ransomware [PART 1]

Ransomware is a type of phishing attack that occurs when an attacker sends an email that looks as if it is from a legitimate organization but contains a link or attachment to malware or ransomware.

Once the ransomware is downloaded, it restricts access to the computer system it infects and demands a ransom be paid to the creator(s) of the malware in order for the restriction to be removed.

Unfortunately, even when the ‘ransom’ is paid, most often the system remains infected and needs to be wiped clean.

ICSA Labs Highlights Key Security Trends Affecting Enterprises and Consumers in 2015

Security and privacy challenges are top of mind for everyone, as the Internet of Things and mobile device (and associated application) adoption continues to permeate every major industry. I sat down with our security experts at ICSA Labs to learn more about what major security technology trends they see impacting businesses and their customers in 2015. Here’s what they had to say:

ICSA Labs new certification option - Malicious URL testing module

When ICSA Labs first started testing and certifying Anti-Virus products more than 20 years ago, there were only “hundreds” of malware samples circulating monthly in the world. Since then, the malware landscape has changed dramatically and today there are over 100,000 new samples appearing every day.


One of my friends recently received an alert from her sheriff’s office, warning her about something called Cryptolocker. The language in the alert was quite alarming, and she wanted my opinion.

I told her that Cryptolocker was indeed real and is the criminal’s monetization scheme-du-jour. While it is a real pain if you got nailed by it, basic security practices would keep you perfectly safe.

The Age Of Enterprise Malware (A.k.a APT vs AFT)

In 2013, most people understand that the acronym APT stands for Advanced Persistent Threat, but I’m coining a new one … AFT, which stands for Another… uh … Freaking Trojan, and I suggest that all malware now falls into one of these two categories.

Assume You’re Breached

The Verizon DBIR came out today, and, as usual, it’s full of interesting data, and, as usual, it should be printed out, read thoroughly and marked liberally with your favorite highlighter, but for me, my favorite sentence was in the opening paragraph. It said, “A growing segment of the security community adopted an “assume you’re breached” mentality.”

Shamoon – a week later

Late last week, word surfaced about a new piece of malware that had apparently attacked an oil company by overwriting all or most files on a victim’s PC, and then overwriting the Master Boot Record.

My initial reaction, upon looking at the code, was that it was:

DNS Changer Catch 22

In my last blog I talked about the DNS Changer and its impact on victims.  Today, the DNS Changer deadline has arrived, which means victims of DNS Changer are kicked off the Internet until they have their computer fixed. 

An obvious problem is this: Many people need software to fix their computers.

So you have a catch 22…
Those who need to fix their computers need software, but the software is on Internet sites they can’t access.

Will Malware Knock Thousands Off the Internet?


DnsChanger deadline looming

The DnsChanger deadline is this coming Monday. In short, any personal computer infected by this DnsChanger malware will no longer be able to access the Internet until it is cleaned.