GarrantyDecrypt Ransomware poses as EnigmaSoft's SpyHunter
A new ransomware variant discredits EnigmaSoft by pretending to be SpyHunter. The ransom message reads like mockery. Some of the encrypted files might be recoverable.
Paliz, the PowerShell downloader in a ZIP and beyond
Threat actors regularly come up with new techniques for malware downloaders to hide and execute their code with the expectation that they can fool antivirus solutions for some time. Paliz is an archive that carries malicious code in an unusual location.
Distributing Malware - one "Word" at a Time
Using Microsoft Word to distribute malware is a common tactic used by criminals. Given the popularity of Word, criminals can often "live off the land" and use mechanisms that are already in place to do their dirty work.
Unpacking 101: Writing a static Unpacker for Ldpinch
Packers are commonly used by malware authors to thwart analysis. In our latest TechBlog article we will take a look at how packers work and how to unpack malware without running it.
Emotet: G DATA explains cybercrime's all-purpose weapon
No other malware-family is as penetrating and has been in development as long as Emotet. The malware has already caused millions in damage in companies around the world. We explain what Emotet can do and why it is so dangerous.
One Graph To Find Them All
Within this follow up post, we dive more thoroughly into one particular problem our Virus Analysts are commonly faced with, namely finding a large quantity of either similar or identical samples. We lay out how we use our graph database to tackle this problem and support our analysts.
Predictions 2019: "The era of simple Android malware is over"
Whether on smartphones, desktop computers, crypto currencies or websites - IT security is becoming increasingly important for end-users. We give an outlook on the most important trends for the year 2019.
Security tip for this holiday season: Uninstall Flash
During the holiday season, users can do themselves a big favor by ditching Adobe Flash, a software notorious for its frequent security flaws. The reason: A zero-day-exploit, which has been spotted at Hacking Team.
G DATA Techblog: Malware Analysis with a Graph Database
Graph databases are growing in popularity because their connection-oriented data model is a natural fit for many domains where the connections between entities are of central importance. We discuss in this post whether a graph database can help us to analyse malware, both manually and for machine…
Emotet: G DATA cautions against Word documents from the Internet
In a current malware campaign, users are lured with the promise of an invoice credit. But the infected Word documents are not a real treat - they install malware in the background.
Karsten Hahn
Virus Analyst
Tim Berghoff
Security Evangelist
