Who IsErIk: A Resurface of an Advanced Persistent Adware?

As the malware industry expands, new tricks added to the cyber-criminal arsenal show up on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire meant to resurface old, but not-forgotten threats….

Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally

Bitdefender researchers recently found and analyzed a worm-cryptominer combo that uses a series of exploits to move laterally and compromise victims. What makes it interesting is that it pauses the resource-intensive cryptomining process if it finds popul…

Astaroth Trojan Resurfaces, Targets Brazil through Fileless Campaign

During routine detection monitoring from our Advanced Threat Control technology, Bitdefender researchers found an interesting spike in malware activity that involved using Microsoft binaries in the infection process, as well as GitHub and Google Drive …

Surveys Show Enterprises Slow to Adopt Zero Trust

The Zero Trust approach to cybersecurity is beginning to make inroads in IT departments of all shapes and sizes. Nevertheless, a recent survey shows that while cybersecurity professionals are aware of the growing risks posed by technological change, i…

Scranos Revisited – Rethinking persistence to keep established network alive

In April, Bitdefender broke the news of an emerging botnet dubbed Scranos. Originating from China, it has spread across Europe and the United States, snaring Windows and Android devices with advertising fraud and social network manipulation. Our origin…

Good riddance, GandCrab! We’re still fixing the mess you left behind.

On January 28th 2018, our analysts on watch saw a small blip pop up on the Bitdefender Threat Map. It was one of millions of blips we see daily here at Bitdefender, but that blip marked the birth of a new family of ransomware that would cause great pai…

An APT Blueprint: Gaining New Visibility into Financial Threats

This new Bitdefender forensic investigation reveals a complete attack timeline and behavior of a notorious financial cybercriminal group, known as Carbanak. In mid-2018, Bitdefender researchers investigated a targeted attack on an Eastern European fina…

Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)

More than one year ago, security researchers at Google Project Zero disclosed a series of hardware vulnerabilities affecting Intel® x86 microprocessors. Leveraging a feature of modern processors called speculative execution, as well as timing…

Inside Scranos – A Cross Platform, Rootkit-Enabled Spyware Operation

Last year, the Bitdefender Cyber Threat Intelligence Lab started analysis of a new password- and data-stealing operation based around a rootkit driver digitally signed with a possibly stolen certificate. The operation, partially described in a recent a…

New GandCrab v5.1 Decryptor Available Now

Today we’re happy to announce that our collaboration with the Romanian Police, Europol and other law enforcement agencies has yielded another new decryptor for all GandCrab ransomware versions released since October 2018. If you need to decrypt v…