Casper is considered to be EvilBunny’s and Babar’s successor, believed to be originating from the same group of programmers – possibly connected to a French intelligence agency. Two very interesting changes the malware has undergone: it now has a modular structure which allows the attackers to download and install attack plug-ins at will and its anti AV strategies improved. This blog post is supposed to give a brief overview about the main differences between Casper and the other two we wish to mention. A thorough analysis of the Casper can be read in Joan Calvet’s (ESET) blog post, published today. Calvet has worked together again with Marion Marschalek and Paul Rascagnères to dissect this newly discovered threat.