
SectopRAT: New version adds encrypted communication
SectopRAT, also known as 1xxbot or Asatafar, had been an unknown, in-development threat when we discovered it a year ago. Now it infects systems in Germany. What is the new version capable of?
Reverse Engineering and observing an IoT botnet
IoT devices are everywhere around us and some of them are not up to date with today's security standards. A single light bulb exposed to the internet can offer an attacker a variety of possibilities to attack companies or households. The possibilities are endless.
New Java STRRAT ships with .crimson ransomware module
This Java-based malware installs RDPWrap, steals credentials, logs keystrokes and remotely controls Windows systems. It may soon be capable of infecting systems without Java installed.
Pekraut - German RAT starts gnawing
Feature-rich remote access malware Pekraut emerges. The rodent seems to be of German origin and is ready to be released. We analyzed the malware in-depth.
New SectopRAT: Remote access malware utilizes second desktop to control browsers
This new remote access malware creates a second desktop that is invisible to the system's user. The threat actor can surf the Internet using the infected machine.
Book Recommendation: Cyberdanger
Famous German publisher Springer launched ‘Cyberdanger’ worldwide, a book written by Eddy Willems, G DATA’s Security Evangelist.
Panning for virtual gold - using other people's equipment
For quite some time, criminal actors have been using mobile devices for mining, without the knowledge or consent of the user.
Fighting Botnets - A never-ending story
Many media outlets focus on trends such as ransomware. While this is undoubtedly an important topic, it overshadows another equally important threat: botnets. For more than 15 years, botnets have been playing a role in the international cybercrime scene. The “Botconf.eu” conference, which is…
Warning: Massive "WannaCry" Ransomware campaign launched
An outbreak of the latest version of "WannaCry" has been claiming victims in several countries. The speed and ferocity of the outbreak has taken many by surprise. Researchers are as yet puzzled as to the origin of the outbreak which hit 11 countries within just three hours. So far Spain and Russia…
Twitter hack: thousands of accounts hijacked
Many Twitter users in Europe woke up to some unexpected Tweets: many Twitter accounts suddenly posted messages which attacked the Dutch and German governments. Unknown attackers were able to gain access to the millions of accounts through an app which provides statistics.