G Data Malware Report
The G Data SecurityLabs published the Malware Report for the first half of 2015. Here are the most important findings.
New Dridex infection vector identified
Malware authors can sometimes be creative, both in manipulating their human targets and in circumventing security products. The experts of G DATA’s SecurityLabs analyzed a specially crafted Microsoft Word document the attackers used to install a rather famous banking Trojan called…
Banking Trojan has targeted Bundestag
After the initial reports on the attacks on the Bundestag (German Federal Parliament), variants of the Swatbanker family are now putting the Bundestag's intranet on a watch list. The operators of the botnet are apparently trying to steal access data and server responses associated with this site. It…
Staying alert when buying banners: Google's advertising service misused for distributing malware
The recent case of malware distribution via Google AdSense advertising banners is an arresting example of how quickly a huge number of websites across the world can become embroiled in cyber attacks. A supplier of the advertising network has apparently been compromised. The attackers deployed the…
The Andromeda/Gamarue botnet is on the rise again
Attacks carried out with documents pepped up with macros seem to be coming back into vogue. G DATA’s security experts have analyzed several cases within the last few weeks in which active content in documents triggers an infection. The experts want to explain two different approaches for the same current…
Casper: the newest member of the cartoon malware family
Casper is considered to be EvilBunny’s and Babar’s successor, believed to originate from the same group of programmers – possibly connected to a French intelligence agency. The malware has undergone two very interesting changes: it now has a modular structure which allows the attackers to…
The power of trust: “Superfish” case turns into a worst case scenario
The case of the “Superfish” adware has caused quite a sensation through its association with computer technology company Lenovo. However, the following report shows that “Superfish” is just the tip of the iceberg. It explains the implications of and possibilities for misuse. By way of an example,…
Babar: espionage software finally found and put under the microscope
Almost a year after Operation SNOWGLOBE was publicly mentioned for the first time by the famous French newspaper Le Monde, security experts have now laid hands on malware samples that match the descriptions made by the Communication Security Establishment Canada (CSEC). The following analysis is the…
Analysis of Project Cobra
Project Cobra and the Carbon System were mentioned by Kaspersky in the article called “The Epic Turla Operation”. This malware is used by the same actors as Uroburos (aka Snake/Turla) and Agent.BTZ. We estimate that Carbon System was developed after Agent.BTZ and before Uroburos. The Carbon System…
Regin, an old but sophisticated cyber espionage toolkit platform
Regin is one of the latest cyber espionage toolkits targeting a range of organizations, companies and individuals around the world. This malware is very sophisticated and it can be mentioned in the same breath with other cyberespionage campaigns like Duqu, Stuxnet, Flame, Uroburos (aka Snake/Turla).…