Well-disguised attacks: Malware samples threaten PCs and networks every few seconds
Cyber criminals’ targets have not changed in the past year. They are after passwords and confidential data and try to encrypt data and systems. The current Malware Top 10 showing the ten most active malware families indicate how active the attackers have been in 2019.
40,000 CryptBot Downloads per Day: Bitbucket Abused as Malware Slinger
Public source code repository at Bitbucket.org was as abused to host CryptBot, Buer loader with NuclearBot and Cryptominer.
New SectopRAT: Remote access malware utilizes second desktop to control browsers
This new remote access malware creates a second desktop that is invisible to the system's user. The threat actor can surf the Internet using the infected machine.
Learning from the best: Attending AllStars 2019
This year's AllStars took place in Amsterdam in September, alongside the two-day Global AppSec conference. The event offers a full day of the best hand-picked lectures from top speakers and researchers in the field of information security. G DATA virus analyst Karsten Hahn was there and presented…
Emotet: How an Emotet infection occurs in companies
The Emotet malware is still considered one of the most dangerous threats to corporate IT worldwide. Analysts at G DATA Advanced Analytics have tracked down how an Emotet infection starts gradually infiltrating corporate networks and then takes them out of operation bit by bit.
Interview with Carl-Benedikt Bender “Machine learning in general is very complex and has a lot of surprises in store”
With its DeepRay AI technology, G DATA is leading the way against rapidly changing malware. Carl-Benedikt Bender, leader of the development team behind DeepRay, explains how the technology works and what specific challenges arose during development.
Ordinypt: Resurgence
Recently, the Ordinypt malware has seen a resurgence in the wild, disguised as fake job applications sent via email to human resource departments in German companies. The malware uses social engineering to corrupt the user’s files and trick them into paying cryptocurrency to restore the corrupted…
Virus Bulletin Conference 2019: The Place-to-be
The annual Virus Bulletin conference (called „VB“ for short) is one oft he most important events of the year when it comes to threat intelligence for researchers and analysts as well as product managers and CISOs from all over the world. As usual, G DATA sent several members of their team. When they…
Malware Naming Hell Part 1: Taming the mess of AV detection names
Everyone who deals with malware will know this: Malware names are a convoluted mess. AV scanners will show different detection names for the same file. This confusion is also reflected in media coverage. Is there a way out of this mess?
Code-Signed malware: What's all the buzz about? Looking at the "Ryuk" ransomware as an example.
Certificates are an established method for verifying the legitimacy of an application. If malicious actors succeed in undermining a certificate authority (CA) by either stealing a valid certificate or compromising the CA, the entire model unravels. We have taken a look at a case where this has…
Hauke Gierow
Teamlead PR & Public Affairs
Vera Haake
Spokesperson Events & Location Communication