Anti-Malware Research

MaMoCrypt Ransomware Decryption Tool
We’re happy to announce the availability of a new decryptor for MaMoCrypt, a strain of ransomware that appeared in December last year. MaMoCrypt is an unusual piece of ransomware, a variant of ...

Interplanetary Storm Botnet Shows Signs of Anonymization-Purpose Proxy-for-Hire Infrastructure
While botnets have been used for anything from performing Distributed Denial-of-Service (DDoS) attacks to stealing data and even sending spam, Bitdefender researchers have found signs that the Interplanetary Storm botnet could be ...

There’s a New Golang-written RAT in Town
Security researchers at Bitdefender have discovered a new Golang-written RAT that targets devices by using the CVE-2019-2725 (Oracle WebLogic RCE) vulnerability identified last year. Unlike other bots that have exploited this vulnerability, ...

Fake Users Rave but Real Users Rant as Apps on Google Play Deal Aggressive Adware
Bitdefender researchers recently stumbled across 13 Google Play applications packing aggressive ads and potentially using over 1,000 fake reviews to gain a cumulative download count of over half a million. While fake ...

LemonDuck Crypto-Miner – a KingMiner Successor
Crypto-miners have been around for several years, in all forms and shapes, and distributed via various attack avenues. Increased competition from other cyber-criminal groups and various defenses set in place at the ...

Apps on Google Play Tainted with Cerberus Banker Malware
The official Android app market has traditionally been regarded as a safe place to install applications from. Every once in a while, remarkably malicious apps slip right through and start wreaking havoc ...

APT Hackers for Hire Used for Industrial Espionage
Bitdefender recently investigated an APT-style cyberespionage attack targeting an international architectural and video production company, pointing to an advanced threat actor and South Korean-based C&C infrastructure. The targeted company is known to ...

WannaRen Decryption Tool
A decryptor for the WannaRen ransomware is now available for download. Initially spotted in April 2020, WannaRen is mostly spreading through websites offering “cracked” software. This new decryptor works on all known ...

Smart Locks Not So Smart with Wi-Fi Security
The rise of online property rental in an increasingly competitive sharing economy has had a severe impact on the adoption of Internet-connected smart locks. Packed with features that allow landlords to issue ...

Kingminer Botnet Keeps up with the Times
The e-currency boom in late 2017 sparked a new type of “gold rush”, as cyber-criminals started racing to infect home computers and data centers with crypto-miners. While digital currencies have fluctuated wildly ...