Smart Locks Not So Smart with Wi-Fi Security
The rise of online property rental in an increasingly competitive sharing economy has had a severe impact on the adoption of Internet-connected smart locks. Packed with features that allow landlords to issue and revoke access by electronically sharing a token or pin code during booking, intelligent locks have managed to ... Read More
Banking Trojan Metamorfo Hijacks Trusted Apps to Run Malware
Bitdefender researchers Janos Gergo SZELES and Ruben Andrei CONDOR have documented a new Metamorfo campaign that uses legitimate software components to compromise computers. Metamorfo is a family of banker Trojans that has been active since mid-2018. It primarily targets Brazilians and is delivered mostly through Office files rigged with macros ... Read More
Mandrake – owning Android devices since 2016
In early 2020 we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. We named the threat Mandrake as the actor(s) behind it used names of toxic plants, or other botanical references, for major development branches: e.g. Briar, Ricinus ... Read More
Cracking the Netatmo Smart Indoor Security Camera
CVE-2019-17101 – Command execution due to unsanitized input Indoor video surveillance has become one of the most frequent applications for IoT devices. In public places, offices or private homes, video surveillance helps deter crime and detect accidents before they become uncontainable. Security cameras have become a necessity but, in the ... Read More
Bitdefender blocks CVE-2020-0796 ‘EternalDarkness Bug’ at Network Level
A new vulnerability in the SMB protocol allows an unauthenticated attacker to run arbitrary code on vulnerable computers. Bitdefender detects and blocks this type of exploitation at the network level as Exploit.SMB.CVE-2020-0796.EternalDarkness, via the Network Attack Defense module in Bitdefender GravityZone ... Read More
Revisiting Glupteba: Still Relevant Five Years after Debut
In the fast-paced world of cybersecurity, malware normally gets a brief period in the spotlight before it falls into oblivion. This is not the case with Glupteba, a backdoor first spotted in 2014 that has undergone major changes to stay relevant. At the end of 2018, our Advanced Threat Control ... Read More
A close look at Fallout Exploit Kit and Raccoon Stealer
Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we will describe in depth in this article. Since its emergence in August 2018, threat actors have intensively used the Fallout Exploit Kit to deliver ransomware (GandCrab, Kraken, Maze, Minotaur, ... Read More
Who IsErIk: A Resurface of an Advanced Persistent Adware?
As the malware industry expands, new tricks added to the cyber-criminal arsenal show up on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire meant to resurface old, but not-forgotten threats. The main focus of this analysis is an adware loader, first ... Read More
Scranos Revisited – Rethinking persistence to keep established network alive
In April, Bitdefender broke the news of an emerging botnet dubbed Scranos. Originating from China, it has spread across Europe and the United States, snaring Windows and Android devices with advertising fraud and social network manipulation. Our original report shone a spotlight on Scranos operators and exposed their illicit use ... Read More
Good riddance, GandCrab! We’re still fixing the mess you left behind.
On January 28th 2018, our analysts on watch saw a small blip pop up on the Bitdefender Threat Map. It was one of millions of blips we see daily here at Bitdefender, but that blip marked the birth of a new family of ransomware that would cause great pain to ... Read More
