SectopRAT: New version adds encrypted communication
SectopRAT, also known as 1xxbot or Asatafar, had been an unknown, in-development threat when we discovered it a year ago. Now it infects systems in Germany. What is the new version capable of?
How secure are smart contracts?
Smart contracts are tied to cryptocurrencies and, in certain areas, offer more efficiency than conventional contracts. At the same time, they are only as secure as the knowledge of the programmer who wrote them. Because of bad programming practices, some contain exploitable flaws. So what kinds of security risks are there? In this…
IceRat evades antivirus by running PHP on Java VM
IceRat keeps its detection rates low for weeks by using an unusual language implementation: JPHP. But the choice of compiler is not the only reason. This article explores IceRat and explains a way to analyze JPHP malware.
Business as usual: Criminal Activities in Times of a Global Pandemic
The beginning of 2020 has been appalling for most parts of the world affected by Coronavirus disease 2019 (COVID-19). It changed the everyday life of individuals in every country, who strove to keep up their daily tasks while simultaneously preventing further infection.…
Interview with Arnas Staude (Part 2): “The whole is more than the sum of its parts”
Unlike conventional behaviour analysis, BEAST records all system behaviour in a graph and thus provides a holistic view. The technology is based on a lightweight graph database developed in-house. In this interview, Arnas Staude explains the details of the development process to us.
Babax stealer rebrands to Osno, installs rootkit
Babax not only changes its name but also adds a Ring 3 (user-mode) rootkit and lateral spreading capabilities. Furthermore, it has a ransomware component called OsnoLocker. Is this combination as dangerous as it sounds?
The TRUMP crypto derivative - An insight into crypto derivatives
Crypto derivatives offer unique advantages over traditional ones. But at what cost? In this article we look at what they are and what kind of security risks the users face.
Further awards from test institutes: “The investment in new technologies has paid off.” (Update)
G DATA Internet Security ensures that users are well protected against cyber attacks. This has been repeatedly confirmed in tests by two independent test institutes, AV-Test and AV-Comparatives. We spoke to Thomas Siebert, Head of Protection Technologies at G DATA Cyber Defense, about how the…
T-RAT 2.0: Malware control via smartphone
Malware sellers want to attract customers with convenience features. Now criminals can remotely control their malware during their bathroom routine using nothing but a smartphone and the Telegram app.
A modern Sample Exchange System
We open-sourced a system for exchanging malware samples between partners in the AV industry. In the following post, we explain our motivation, the technical details, and how to use the system.