What is the Necurs downloader and the Necurs botnet?

Before we explain to you what the improvements made to this malware are, we must first take a moment to introduce you to the actual virus and what its main purposes are.

Necurs isn’t actually a virus that is supposed to directly harm your PC. Instead, it is a downloader type of virus which means that its main goal is to acquire boot persistence on the infected machine and to load other malware into the computer’s system. For instance, Necurs has oftentimes been reported to download the Locky Ransowmare on computers that have gotten infected by it.

The second main purpose of this malware is to gain telemetry data from the attacked PCs.

As far as the Necurs botnet is concerned, this is a network that consists of machines that have already been infected by the virus and that are now used to spread it to other users. Such malware behavior is reminiscent of some Trojan Horses, especially considering the ability of the virus to load other malware onto the targeted PC.

The improvements

Every software developer seeks to make their product better, more efficient and more effective. This also applies to malware creators as well. There are two main changes that the hackers behind Necurs have recently added to their virus program as reported by Symantec.

• The first main improvement is the addition of a screenshot function to Necurs . By adding a Powershell script to virus would now allow it to take a screenshot of the user’s screen and send it to the hacker’s server a few seconds later. The researchers at Symantec presume that the purpose of this feature is to provide the hackers behind the malware with more accurate information regarding the infected machine in order to determine of it represents a valuable environment for further infection with another virus. For instance, if the attacked PC is running a professional software for office use, then there’s high chance that the computer is connected to a network with other interconnected PCs which would all be vulnerable for further infection.
• The second addition to the Necurs downloader is an error-reporting utility. This function is supposed to detect errors and bugs coming from the malware and report them to the hacker. So far, though similar features have been seen on other malware viruses, this is presumably the first downloader type of malware to have an error-reporter. As for the purposes of this feature, it is actually pretty obvious why it must have been added. As we already mentioned, even malware developers want to improve their products and make them more effective and what better way to do that than having a built-in utility inside the program that would report any issues with it. After all, malware developers cannot count on user feedback, now can they?

Increasing activity

Symantec have also reported that throughout the past couple of months an increased activity by the Necurs virus has been detected. From June to October, the activity of this malware has increased four times! Currently, this virus seems to be predominantly used for the distribution of the Locky Ransomware and of a banking Trojan Horse known as TrickBot. In addition to that, as we already said above, Necurs also gathers telemetry data from infected PCs and sends the collected information to the hackers’ servers.

The post Necurs Malware Receives an Update appeared first on Malware Complaints.

In that regard, in the following article, we will go over the main changes that have been introduced to one of the top browser programs out there – Mozilla Firefox, with its latest version – 56.

Introduction

The overall focus of Firefox 56 is centered around interface changes to the settings panel as well as the addition of a couple of new features that we will talk about in a minute. In addition, version 56 is said to also add security fixes to Firefox which is always good to hear.

However, with this update, Firefox will not receive much internal optimization and modification. Changes in this department will be left for the next update of the program which is set for a release in the middle of the next month.

Screenshot feature

One of the more prominent changes that Firefox 56 will add is a utility that would allow the user to take screenshots of from the browser (the whole screen or cropped areas of it). A new button is added to Firefox’s toolbar through which the feature can be accessed.

The tool is reminiscent of Window’s own built-in Snipping tool but is better optimized for browser screenshots. A neat trait of the utility it that it can automatically detect different segments from a page that the user might want to take a screenshot of. For example, text paragraphs or images would get outlined so that a picture of them could be taken with a single click of the mouse.

As a matter of fact, this utility was available with Firefox 55 but the access to it was limited and few users were able to utilize it. Now, it will be publicly available and everyone with the latest stable version of Firefox will be able to use it.

One thing to note here is that such a feature isn’t unprecedented when it comes to web browsers. There are a number of browsing programs that have had a similar built-in screenshot tool before it got added to Chrome. For example, two less popular browsers like Maxthon and Slimjet both have a tool that offers the same functionality as a built-in feature.

Settings panel changes

The next significant alteration introduced with Firefox can be observed within its settings panel. The side panel which used to include eight different buttons now has only four: General, Search, Privacy and Security and Firefox Account. Also, the outlook is a bit different. However, as you might expect, all the settings that Firefox offers can still be accessed via those four buttons.

One neat addition which significantly eases-up navigation throughout the settings panel on Firefox is the addition of a search bar. Now, the user can type the name of the setting that they are looking for in the search bar and they will be displayed the needed setting. This allows for much easier and faster use of the settings panel as the customer wouldn’t need to manually go through all the different menus until they find what they have been looking for.

Here, we should note that once again, Firefox isn’t the first browser to introduce such a settings search feature. Chrome, Opera and a number of other browsers have had this for quite a while now and it was high time that Firefox too had it added to its arsenal of utilities.

Blocking auto-playing media

We have all encountered pages that starts playing video or sound as soon you open them and this can be quite annoying and frustrating, especially if the page has been opened in a background tab. This is likely the reason behind the decision to make new versions of Firefox block auto-playing media on background tabs. Google Chrome, too, is set to have such a change introduced to it but the update which will it happen will not be released before January, 2018.

The post Firefox 56 – what’s new? appeared first on Malware Complaints.