Terdot: Zeus-based malware strikes back with a blast from the past

by Bogdan BOTEZATU, from Bitdefender Labs, on 16.11.2017

Malware authors are surely known for their ability to fly under the radar. But every once in a while, details about their operations surface on the web. This is the case of a handful of malware operations that managed to gain unwanted attention by having their source code leaked. Mirai, KINS, Carberp and Zeus are […] read more

Ethereum OS miners targeted by SSH-based hijacker

by Bogdan BOTEZATU, from Bitdefender Labs, on 01.11.2017

The increased popularity of emerging crypto-currencies such as Monero and Ethereum has put miners once again in the bad guys’ crosshairs. Illicit digital currency mining, either directly in the browser or via maliciously-delivered miners, is nothing new, but our honeypot systems have started flagging a different type of attack against Ethereum-mining farms. We detected the […] read more

Bad Rabbit Ransomware Strikes Ukraine, Likely related to GoldenEye

by Bogdan BOTEZATU, from Bitdefender Labs, on 24.10.2017

A new strain of ransomware that has emerged today has hit a number of high profile institutions in Russia and Ukraine, such as the Kiev metro system, the Odessa airport, as well as the Russian news agency Interfax. The new family of ransomware is dubbed Bad Rabbit and appears to target critical infrastructure and high […] read more

BTCWare decryption tool now available for free

by Bogdan BOTEZATU, from Bitdefender Labs, on 26.09.2017

If your computer has been hit by BTCWare, fear not; you now have a free and safe way to recover your data without paying the ransom. The Bitdefender Labs team has released the BTCWare decryption tool, available either as a standalone free tool or as part of the Bitdefender Ransomware Recognition tool, which is available […] read more

Bitdefender Ransomware Recognition Tool

by Bogdan BOTEZATU, from Bitdefender Labs, on 26.09.2017

A tool to help ransomware victims find which family and sub-version of ransomware has encrypted their data and then get the appropriate decryption tool, if it exists. Ransomware has grabbed the headlines ever since 2014. While most ransomware attacks can’t be defeated, Bitdefender constantly creates and updates ransomware decryption tools for families that have either […] read more

EHDevel – The story of a continuously improving advanced threat creation toolkit

by Alexandru MAXIMCIUC, from Bitdefender Labs, on 01.09.2017

More than a year ago, on July 26th 2016, the Bitdefender Threat Intelligence Team came across a suspicious document called News.doc. However, unlike most potentially malicious documents that get processed in our labs, this file displayed similarities with a set of files known to have been used in separate attacks targeted at different institutions. Our […] read more

Three New Pacifier APT Components Point to Russian-Linked Turla Group

by Liviu ARSENE, from Bitdefender Labs, on 01.09.2017

In 2016, Bitdefender uncovered a new advanced persistent threat dubbed Pacifier, targeting government institutions starting in 2014. Using malicious .doc documents and .zip files distributed via spear phishing e-mails, attackers would lure victims with invitations to social functions or conferences into executing the attachments. Our previous analysis of the Pacifier components revealed that it’s capable of dropping multi-stage backdoors […] read more

Remote ownage of 100k+ Camera and Gateway devices demonstrated at Defcon

by Bogdan BOTEZATU, from Bitdefender Labs, on 02.08.2017

It’s now anno domini 2017 and the number of Internet-connected devices surpasses the living population by an order of magnitude. And while most of these devices help us reinvent the way we interact with our homes, our offices or with our own bodies, some “smart things” can lend hackers a helping hand in digital burglary. […] read more

Remote Exploitation of the NeoCoolcam IP Cameras and Gateway

by Bogdan BOTEZATU, from Bitdefender Labs, on 02.08.2017

The Internet of connected things has changed the way we interact with our homes, offices or even with our own bodies. But although connected devices are sold mostly everywhere, some manufacturers don’t dwell on the security aspects, but rather focus on features and time to market. In 2016, security researchers from Bitdefender detected multiple vulnerabilities […] read more

Inexsmar: An unusual DarkHotel campaign

by Bogdan BOTEZATU, from Bitdefender Labs, on 18.07.2017

The DarkHotel threat actors have been known to operate for a decade now, targeting thousands of businesses across the world via Wi-Fi infrastructure in hotels. Blending whaling (high-level spear phishing) techniques with advanced malware and other complex attack avenues (such as digital certificate factoring), the threat actors have been able to run their business undisturbed […] read more