A Malware Researcher’s Guide to Reversing Maze Ransomware

At the end of May 2019, a new family of ransomware called Maze emerged into the gaping void left by the demise of the GandCrab ransomware. Unlike run-of-the-mill commercial ransomware, Maze authors implemented a data theft mechanism to exfiltrate infor…

Netflix Phishing Campaign Spikes in Brazil with Account Update/Suspended Tricks

With many of us stuck at home because of the pandemic, it’s only natural that streaming services will experience a surge in members and traffic. Netflix is clearly among them, and to make sure that there’s enough to go around for everyone w…

Android Apps and Malware Capitalize on Coronavirus

As new developments regarding the coronavirus outbreak emerge, Android developers (malware developers included) have started capitalizing on the topic. Bitdefender researchers have recently analyzed Android telemetry from Google Play – and other thi…

New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong

Bitdefender researchers have discovered a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations on select targets. The new module was discovered on January 30 and, based on the IP addresses it targets, victims seem to be US and Hong Ko…

Paradise Ransomware decryption tool

We’re happy to announce a new decryptor for Paradise Ransomware. Paradise Ransomware, initially spotted in 2017, has been aggressively marketed as a service to interested affiliates. After infection, it checks whether the keyboard language is set…

RDP Abuse and Swiss Army Knife Tool Used to Pillage, Encrypt and Manipulate Data

Bitdefender researchers recently found threat actors abusing a legitimate feature in the RDP service to act as a fileless attack technique, dropping a multi-purpose off-the-shelf tool for device fingerprinting and for planting malware payloads ranging …

Revisiting Glupteba: Still Relevant Five Years after Debut

In the fast-paced world of cybersecurity, malware normally gets a brief period in the spotlight before it falls into oblivion. This is not the case with Glupteba, a backdoor first spotted in 2014 that has undergone major changes to stay relevant. At th…

Multiple Vulnerabilities in Belkin WeMo Insight Switch

Internet of Things devices have become commonplace in modern homes. Relatively inexpensive and easy to control remotely, they promise a world at your fingertips. Security vulnerabilities in connected devices can not only affect the user experience but …

Dozens of Apps Still Dodging Google’s Vetting System

Bitdefender researchers recently analyzed 25 apps that made it into Google Play, at least for a time, packing aggressive adware SDKs that bombarded users with ads and avoided removal by hiding their presence. Cumulatively, the apps were apparently down…

A close look at Fallout Exploit Kit and Raccoon Stealer

Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we will describe in depth in this article. Since its emergence in August 2018, threat actors have intensively used the Fallout Exploit …