Malware authors are surely known for their ability to fly under the radar. But every once in a while, details about their operations surface on the web. This is the case of a handful of malware operations that managed to gain unwanted attention by...
More than a year ago, on July 26th 2016, the Bitdefender Threat Intelligence Team came across a suspicious document called News.doc. However, unlike most potentially malicious documents that get processed in our labs, this file displayed...
In 2016, Bitdefender uncovered a new advanced persistent threat dubbed Pacifier, targeting government institutions starting in 2014. Using malicious .doc documents and .zip files distributed via spear phishing e-mails, attackers would lure victims...
The Internet of connected things has changed the way we interact with our homes, offices or even with our own bodies. But although connected devices are sold mostly everywhere, some manufacturers don’t dwell on the security aspects, but rather...
The DarkHotel threat actors have been known to operate for a decade now, targeting thousands of businesses across the world via Wi-Fi infrastructure in hotels. Blending whaling (high-level spear phishing) techniques with advanced malware and other...
On June 27th, reports of a rapidly spreading ransomware attack started to emerge from Ukraine. The speed at which critical infrastructure networks were shutting down pointed to a ransomware application with a wormable component, whose virality...
In May 2016, the Bitdefender threat response team isolated several samples from the internal malware zoo while looking into a custom file-packing algorithm. A deeper look into our global telemetry revealed that this piece of malware was strictly...
Ever since the emergence in 2007 of the APT28 group, Bitdefender has become familiar with the backdoors used to compromise Windows and Linux targets, such as Coreshell, Jhuhugit and Azzy for the former OS or Fysbis for the latter.
Bitdefender researchers Marius Tivadar, Cristian Istrate, Iulian Muntean and Andrei Ardelean dissected some malware samples which had been used in the Pacifier APT spear phishing campaign over the past two years. These samples show clear evolution...
Bitdefender vulnerability researcher Radu Caragea presented today at the Hack In The Box Amsterdam conference a novel way to extract TLS keys from virtual machines, using an out-of-guest approach. The new technique works to detect the creation of...
