Analysis: ZeuS Panda
08/09/2017 - In our first article on the intricacies of this malware, we already hinted at some of its complex inner workings. Now a full analysis is available. ZeuS has been a staple of online banking malware for many years now. Neither ZeuS nor its variant "Panda" are your average, run-of-the-mill Trojans.Author: Tim Berghoff
Anonymity as a crime?
08/04/2017 - Legislation regarding the use of technologies such as VPN and TOR are a hot topic at the moment. One of the main arguments fielded against those technologies is the fight against terrorism and the "removal of terrorist content" from the web. Some experts, however, openly question the usefulness and effectiveness of those measures.Author: Tim Berghoff
Malware numbers of the first half of 2017
07/24/2017 - In this article we publish numbers about malware based on two ways of counting. The number of newly appeared malware specimen, and the number of prevented attacks on computers. During the first half of 2017 there were on average 47,4 attempted attacks per computer.Author: Ralf Benzmüller
Rurktar - Spyware under Construction
07/20/2017 - The development of any kind of software takes time. Not every function that is planned for the final product is implemented right from the start. It does not come as a surprise that this is also true for the development of malware. At the G DATA Security Labs, a file has sparked the interest of our researchers - this file is interesting for a number of reasons.Author: Tim Berghoff
Error 404: Online gamers at risk!
07/19/2017 - For a long time, gaming was just considered “a bit of a laugh” or “something for the kids”. Unsurprisingly, the security aspect did not receive a lot of attention – it just wasn’t seen as a problem or particularly relevant. But today’s gamers are not just two players sitting side by side as a dot pongs back and forth across the home computer screen. The opposite is true: with the advent of the...Author: Dominik Neugebauer
Scammers ask people to call - and we are happy to oblige.
07/13/2017 - For the past few weeks, headlines have been awash with reports about ransomware and other disruptive malware. Since malware in a worry for many people, scammers naturally try to profit off this trend. We had our own Tim Berghoff pose as a victim. Read his full report here.Author: Tim Berghoff
Who is behind Petna?
07/03/2017 - The news talk about a cyber attack when reporting about Petna and WannaCry. This implies purposeful activities aiming at causing damage. On the other hand, cyber-criminals who are in the blackmailing business with ransomware are mainly interested in making easy money. They failed both with WannaCry and even more with Petna. This leaves some open questions.Author: Ralf Benzmüller
Petya is back - again
06/27/2017 [UPDATE: 06/30/2017] - The Petya ransomware, about which the first reports were published in the G DATA blog, occasionally rears its head with some new features (last time as "GoldenEye"). This time is no different - except that this is the first time that Petya uses an exploit from the arsenal of an intelligence agency. We take a look at the current development and keep you updated.Author: Tim Berghoff
WannaCry - it's not over
06/13/2017 - WannaCry's encryptor was deactivated by a kill switch. But the worm component is still active. It crawls the internet for vulnerable systems and captures them where possible. It has recently been hitting US hospitals. In addition, the case WannaCry shows that it could have been worse. Time to prepare for the next wave.Author: Ralf Benzmüller
Warning: Massive "WannaCry" Ransomware campaign launched
05/12/2017 [UPDATE: 06/08/2017] - An outbreak of the latest version of "WannaCry" has been claiming victims in several countries. The speed and ferocity of the outbreak has taken many by surprise. Researchers are as yet puzzled as to the origin of the outbreak which hit 11 countries within just three hours. So far Spain and Russia were are among those who were hit hardest.Author: Tim Berghoff