Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally

by Liviu ARSENE, from Bitdefender Labs, on 20.08.2019

Bitdefender researchers recently found and analyzed a worm-cryptominer combo that uses a series of exploits to move laterally and compromise victims. What makes it interesting is that it pauses the resource-intensive cryptomining process if it finds popular games running on the victim’s machine. The investigation revealed that the worm-cryptominer has been constantly updated by its […]

20 month prison sentence for British hacker who made fortune helping SIM-swap fraudsters

by Graham CLULEY, from HotForSecurity, on 19.08.2019

A teenage British hacker has been sentenced to 20 months in prison after pleading guilty to selling hacking services and stolen personal data for cryptocurrency. 19-year-old Elliott Gunton was no stranger to the authorities, having previously been convicted in December 2016 for his role in the infamous hack of the telecoms firm TalkTalk. Gunton, 17 […]

New Homograph Phishing Attack Impersonates Bank of Valletta, Leverages Valid TLS Certificate

by Liviu ARSENE, from Bitdefender Labs, on 07.08.2019

Bitdefender researchers recently uncovered a new IDN (internationalized domain name) homograph phishing attack in which attackers impersonate the Bank of Valletta, Malta. Bitdefender’s Deep Learning technologies, trained specifically to spot this type of homograph attack, quickly flagged the website for phishing. They triggered an investigation from our teams to better understand the mechanics behind it. […]

Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction

by Bitdefender Team, from Bitdefender Labs, on 06.08.2019

Bitdefender senior researchers Dan Horea Luțaș and Andrei Vlad Luțaș recently uncovered a new speculative-execution vulnerability and demonstrated how it can be exploited via a side-channel style attack, dubbed SWAPGS Attack. The vulnerability has been publicly reported today as CVE-2019-1125. While side-channel attacks have been known for some time now, speculative execution-based attacks are new, […]

Adware-Packed Fake Apps Still Making Their Way to Google Play

by Liviu ARSENE, from Bitdefender Labs, on 22.07.2019

Adware is nothing new, nor will it go away any time soon, especially since it’s a legitimate means for app developers to generate revenue. When it comes to Android, “borderline legitimate” is the tagline that developers commonly abuse to smuggle seemingly legitimate applications into official marketplaces, such as Google Play. While displaying ads is not […]

Astaroth Trojan Resurfaces, Targets Brazil through Fileless Campaign

by Liviu ARSENE, from Bitdefender Labs, on 09.07.2019

During routine detection monitoring from our Advanced Threat Defense technology, Bitdefender researchers found an interesting spike in malware activity that involved using Microsoft binaries in the infection process, as well as GitHub and Google Drive for delivering payloads. After analyzing the detection details, we identified this activity as a resurgence of the Astaroth spyware, a […]

Scranos Revisited – Rethinking persistence to keep established network alive

by Bogdan BOTEZATU, from Bitdefender Labs, on 25.06.2019

In April, Bitdefender broke the news of an emerging botnet dubbed Scranos. Originating from China, it has spread across Europe and the United States, snaring Windows and Android devices with advertising fraud and social network manipulation. Our original report shone a spotlight on Scranos operators and exposed their illicit use of Authenticode certificates, and other […]

Good riddance, GandCrab! We’re still fixing the mess you left behind.

by Bogdan BOTEZATU, from Bitdefender Labs, on 17.06.2019

On January 28th 2018, our analysts on watch saw a small blip pop up on the Bitdefender Threat Map. It was one of millions of blips we see daily here at Bitdefender, but that blip marked the birth of a new family of ransomware that would cause great pain to innocent victims around the world. […]

An APT Blueprint: Gaining New Visibility into Financial Threats

by Liviu ARSENE, from Bitdefender Labs, on 03.06.2019

This new Bitdefender forensic investigation reveals a complete attack timeline and behavior of a notorious financial cybercriminal group, known as Carbanak. In mid-2018, Bitdefender researchers investigated a targeted attack on an Eastern European financial institution, gaining new insights and creating a complete event timeline showing how the infamous group Carbanak infiltrates organizations, how it moves […]

Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)

by Bogdan BOTEZATU, from Bitdefender Labs, on 15.05.2019

More than one year ago, security researchers at Google Project Zero disclosed a series of hardware vulnerabilities affecting Intel® x86 microprocessors. Leveraging a feature of modern processors called speculative execution, as well as timing responses, this family of flaws in hardware defeats the architectural safeguards of the processor and allows unprivileged user-mode applications to […]
