Android Malware in COVID-19 Clothes Steals SMS and Contacts

Criminals are using an old certificate to sign malware that takes advantage of the COVID-19 pandemic situation, preying on people’s need for information. The goal is to steal personal data, including SMS messages, call logs, contacts, and more….

Mandrake – owning Android devices since 2016

In early 2020 we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. We named the threat Mandrake as the actor(s) behind it used names of toxic plants, or other botanical references, …

Global Ransomware and Cyberattacks on Healthcare Spike during Pandemic

With healthcare systems under constant strain amid the SARS-CoV-2 global pandemic, hospitals and healthcare facilities around the world have also been hit by a wave of cyberattacks, including ransomware attacks. While officials have already issued warn…

Android Campaign from Known OceanLotus APT Group Potentially Older than Estimated, Abused Legitimate Certificate

A group of sophisticated threat actors known as OceanLotus or PhantomLance has recently become known for disseminating advanced Android threats via official and third-party marketplaces since 2014. They have sought to remotely control infected devices,…

Android SLocker Variant Uses Coronavirus Scare to Take Android Hostage

The coronavirus pandemic is an opportunity for criminals who try to take advantage of people’s thirst for information. Unfortunately, Android users can fall prey to malware attacks using the COVID-19 cover, especially if they sideload apps by cir…

Shade / Troldesh Ransomware decryption tool

We have just released an updated decryption tool for Shade (Troldesh) Ransomware. As a long-established family of ransomware, Shade has been in operation since 2014, and has been operating consistently ever since. In late April 2020, its operators anno…

Coronavirus-themed Threat Reports Haven’t Flattened The Curve

With the Coronavirus pandemic still going strong, cybercriminals have continued leveraging this crisis by pushing threats designed to compromise victims’ data and security. If during mid-March we’d already seen a five-fold increase in Coron…

Cracking the Netatmo Smart Indoor Security Camera

CVE-2019-17101 – Command execution due to unsanitized input. Indoor video surveillance has become one of the most frequent applications for IoT devices. In public places, offices or private homes, video surveillance helps deter crime and detect ac…

Infected Zoom Apps for Android Target Work-From-Home Users

For more than two weeks, most of the world’s population has been placed under lockdown and forced to work from the safety of their own homes. In an attempt to stay connected, many have turned to video-conferencing software to keep businesses…