Mains Power Supply for ATtiny Project is Probably a Bad Idea

When designing a mains power supply for a small load DC circuit, there are plenty of considerations. Small size, efficiency, and cost of materials all spring to mind. Potential lethality seems like it would be a bad thing to design in, but that didn’t stop [Great Scott!] from exploring capacitive …read more

Continue reading Mains Power Supply for ATtiny Project is Probably a Bad Idea

Mobile malware evolution 2018

Users of mobile devices in 2018 faced what could be the strongest cybercriminal onslaught ever seen. Over the course of the year, we observed both new mobile device infection techniques and a step-up in the use of tried-and-tested distribution schemes (for example, SMS spam). Continue reading Mobile malware evolution 2018

A Zebrocy Go Downloader

The Sofacy subset we identify as “Zebrocy” continues to target Central Asian government related organizations, both in-country and remote locations, along with a new middle eastern diplomatic target. And, as predicted, they continue to build out their malware set with a variety of scripts and managed code. Continue reading A Zebrocy Go Downloader

Octopus-infested seas of Central Asia

For the last two years we have been monitoring a Russian-language cyberespionage actor that focuses on Central Asian users. We named the actor DustSquad and have provided reports on four of their campaigns. In this blogpost we cover a malicious program for Windows called Octopus that mostly targets diplomatic entities. Continue reading Octopus-infested seas of Central Asia

Osiris dropper found using process doppelgänging

Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use in a dropper of the Osiris banking Trojan. We unpa… Continue reading Osiris dropper found using process doppelgänging

A simple example of a complex cyberattack

We’re already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious campaign that we detected a while ago – we named it ‘Microcin’ after microini, one of the malicious components used in it. Continue reading A simple example of a complex cyberattack