Anti-Malware Research Whitepapers

Who IsErIk: A Resurface of an Advanced Persistent Adware?

As the malware industry expands, new tricks added to the cyber-criminal arsenal show up on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire intended to bring back old but not forgotten threats.

The main focus of this analysis is an adware loader, first discovered in 2016, which has kept such a low profile that researchers still haven't agreed on a common name for it, generically identifying it as APA (Advanced Persistent Adware).

Bitdefender researchers have discovered a new large scale malware campaign dubbed IsErik – a family of Advanced Persistent Adware that features advanced evasion mechanisms, as well as the ability to execute remote code received from the command and control server.

Download the whitepaper

Bitdefender has compiled an extended IoC list and made it available for download.

About the author


Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as a senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beaten with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

About the author

Ștefana GAL

Ștefana Gal is a software engineer with a strong focus on malware behavior analysis. She has spent the past three years searching for the roots of human malice that branch into the virtual world through a mere set of computer operations. She believes that a low-trust policy does not shield victims from the unpredictability of malware attacks, but rather from their effects. Let the unforeseeable wreak havoc in a secure environment.