Banking Trojan Metamorfo Hijacks Trusted Apps to Run Malware

Bitdefender researchers Janos Gergo SZELES and Ruben Andrei CONDOR have documented a new Metamorfo campaign that uses legitimate software components to compromise computers. Metamorfo is a family of banker Trojans that has been active since mid-2018. I…

Mandrake – owning Android devices since 2016

In early 2020 we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. We named the threat Mandrake as the actor(s) behind it used names of toxic plants, or other botanical references, …

Cracking the Netatmo Smart Indoor Security Camera

CVE-2019-17101 – Command execution due to unsanitized input. Indoor video surveillance has become one of the most frequent applications for IoT devices. In public places, offices or private homes, video surveillance helps deter crime and detect ac…

Bitdefender blocks CVE-2020-0796 ‘EternalDarkness Bug’ at Network Level

A new vulnerability in the SMB protocol allows an unauthenticated attacker to run arbitrary code on vulnerable computers. Bitdefender detects and blocks this type of exploitation at the network level as Exploit.SMB.CVE-2020-0796.EternalDarkness, v…

Revisiting Glupteba: Still Relevant Five Years after Debut

In the fast-paced world of cybersecurity, malware normally gets a brief period in the spotlight before it falls into oblivion. This is not the case with Glupteba, a backdoor first spotted in 2014 that has undergone major changes to stay relevant. At th…

A close look at Fallout Exploit Kit and Raccoon Stealer

Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we will describe in depth in this article. Since its emergence in August 2018, threat actors have intensively used the Fallout Exploit …

Who IsErIk: A Resurface of an Advanced Persistent Adware?

As the malware industry expands, new tricks added to the cyber-criminal arsenal show up on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire meant to resurface old, but not-forgotten threats…

Scranos Revisited – Rethinking persistence to keep established network alive

In April, Bitdefender broke the news of an emerging botnet dubbed Scranos. Originating from China, it has spread across Europe and the United States, snaring Windows and Android devices with advertising fraud and social network manipulation. Our origin…

Good riddance, GandCrab! We’re still fixing the mess you left behind.

On January 28th 2018, our analysts on watch saw a small blip pop up on the Bitdefender Threat Map. It was one of millions of blips we see daily here at Bitdefender, but that blip marked the birth of a new family of ransomware that would cause great pai…

Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)

More than one year ago, security researchers at Google Project Zero disclosed a series of hardware vulnerabilities affecting Intel® x86 microprocessors. Leveraging a feature of modern processors called speculative execution, as well as timing…