Interplanetary Storm Botnet Shows Signs of Anonymization-Purpose Proxy-for-Hire Infrastructure

While botnets have been used for anything from performing Distributed Denial-of-Service (DDoS) attacks to stealing data and even sending spam, Bitdefender researchers have found signs that the Interplanetary Storm botnet could be used for something els…

There’s a New a Golang-written RAT in Town

Security researchers at Bitdefender have discovered a new Golang-written RAT that targets devices by using the CVE-2019-2725 (Oracle WebLogic RCE) vulnerability identified last year. Unlike other bots that have exploited this vulnerability, it doesn’t …

LemonDuck Crypto-Miner – a KingMiner Successor

Crypto-miners have been around for several years, in all forms and shapes, and distributed via various attack avenues. Increased competition from other cyber-criminal groups and various defenses set in place at the browser or security solution level ha…

Apps on Google Play Tainted with Cerberus Banker Malware

The official Android app market has traditionally been regarded as a safe place to install applications from. Every once in a while, remarkably malicious apps slip right through and start wreaking havoc before they’re spotted and retired. Today’s blog …

Kingminer Botnet Keeps up with the Times

The e-currency boom in late 2017 sparked a new type of “gold rush”, as cyber-criminals started racing to infect home computers and data centers with crypto-miners. While digital currencies have fluctuated wildly since late 2017, cyber-crimi…

StrongPity APT – Revealing Trojanized Tools, Working Hours and Infrastructure

Bitdefender researchers have recently found the APT group StrongPity has been targeting victims in Turkey and Syria. Using watering hole tactics to selectively infect victims and deploying a three-tier C&C infrastructure to thwart forensic investig…

SSH-Targeting Golang Bots Becoming the New Norm

Bitdefender researchers have recently found an increasing number of SSH-targeting bots written in Golang. Traditionally, popular malware is written in C, C++ and Perl, and it’s rare that we see attackers creating new malware or bots from scratch,…

BitterAPT Revisited: the Untold Evolution of an Android Espionage Tool

In 2016, a sophisticated malware campaign targeting Pakistani nationals made headlines. Dubbed Bitter, the Advanced Persistent Threat group (also known as APT-C-08) has been active both in desktop and mobile malware campaigns for quite a long time, as …

Banking Trojan Metamorfo Hijacks Trusted Apps to Run Malware

Bitdefender researchers Janos Gergo SZELES and Ruben Andrei CONDOR have documented a new Metamorfo campaign that uses legitimate software components to compromise computers. Metamorfo is a family of banker Trojans that has been active since mid-2018. I…