
Charles McFarland is a Senior Research Scientist. He has been working in the security industry since 2006, focusing on technical training and specializing in encryption technologies before moving on to threat intelligence research. In past research, he has focused on underground markets and actor behavior. Currently, he is focused on ransomware campaigns and the actors behind them.
Twitter: @CGMcFarland
More from Charles McFarland
Jet Database Engine Flaw May Lead to Exploitation: Analyzing CVE-2018-8423
In September 2018, the Zero Day Initiative published a proof of concept for a vulnerability in Microsoft’s Jet Database Engine. Microsoft released a patch in October 2018. We investigated this flaw at that time to protect our customers. We were able to find some issues with the patch and reported ...
Demystifying Blockchain: Sifting Through Benefits, Examples and Choices
You have likely heard that blockchain will disrupt everything from banking to retail to identity management and more. You may have seen commercials for IBM touting the supply chain tracking benefits of blockchain.[i] It appears nearly every industry is investing in, adopting, or implementing blockchain. Someone has probably told you ...
Cyber Threat Alliance Releases Analysis of Illicit Cryptocurrency Mining
In response to the explosive increase in cryptomining campaigns in Q4 2017, the Cyber Threat Alliance has formed a cryptomining subcommittee to assess the threat.
Threat Report: Don’t Join Blockchain Revolution Without Ensuring Security
On May 19 researchers discovered a series of vulnerabilities in the blockchain-based EOS platform that can lead to remote control over participating nodes. Just four days prior, a mining pool server for the IOT platform HDAC was compromised, impacting the vast majority of miners. In January the largest-ever theft of ...
It’s a Zoo Out There! Data Analysis of Alleged ZooPark Dump
In early May, researchers disclosed a mobile malware campaign by a group focused on Middle Eastern targets. This actor was found to be an evolving and sophisticated group using fake Android apps, namely Telegram, to trick users into installing malicious software. They have been active since 2015 and evolved over ...
Syn/Ack Unique Proactive Protection Technique
McAfee’s Advanced Threat Research team has performed analysis on samples of Syn/Ack ransomware implementing Process Doppelgänging. For those who are concerned about the potential impact of this ransomware but are currently unable to implement McAfee product protections, we have found a simple but interesting alternative method. Prior to encryption and ...
The Ripple Effect of the Hansa Takedown
For nearly a decade we have witnessed the systemic rise and fall of “dark net” markets. Each time a site is taken down by law enforcement, we see other, opportunistic ones capitalize on buyers looking for new places to purchase illegal goods. Last year we explored the takedowns of the popular ...
McAfee Researchers Analyze Dark Side of Cryptocurrency Craze
In December 2017 Bitcoin values skyrocketed, peaking at the unprecedented amount of roughly US$19,000 per coin. Unsurprisingly, the market for cryptocurrencies exploded in response. Investors, companies, and even the public found a fresh interest in digital currencies. However, the exciting change in Bitcoin value did not just influence your average ...
Exploring the Correlation Between Bitcoin’s Boom and Evrial’s Capabilities
Many of the stealthiest cyberthreats out there spawn on underground forums, as malware authors leverage the space to sell unique variants to fellow criminals. And now there’s a new addition to the underground scene. Meet Evrial: a powerful, information-stealing Trojan which is currently for sale for 1,500 Rubles or $27 ...
Code Execution Technique Takes Advantage of Dynamic Data Exchange
Email phishing campaigns are a popular social engineering technique among hackers. The idea is simple: Craft an email that looks enticing to users and convince them to click on a malicious link or open a malicious attachment. Weight-loss and other health-related phishing emails are common. Package deliveries, bank notices and, ...