Targeted Attack
BitterAPT Revisited: the Untold Evolution of an Android Espionage Tool
In 2016, a sophisticated malware campaign targeting Pakistani nationals made headlines. Dubbed Bitter, the Advanced Persistent Threat group (also known as APT-C-08) has been active both in desktop and mobile malware campaigns ...
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
Bitdefender researchers have found attacks conducted by the Chafer APT threat group – known to have an apparent Iranian link – in the Middle East region, dating back to 2018. The campaigns ...
Mandrake – owning Android devices since 2016
In early 2020 we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. We named the threat Mandrake as the actor(s) ...
Malware Misuses Common Operating System Commands to Perform Targeted Attacks
We previously posted a blog about the Ursnif family of malware using language checks to determine the end user’s location as a means of bypassing sandbox-based endpoint protection during regionally targeted attacks ...
How Imperva’s New Attack Crowdsourcing Secures Your Business’s Applications
Attacks on applications can be divided into two types: targeted attacks and “spray and pray” attacks. Targeted attacks require planning and usually include a reconnaissance phase, where attackers learn all they can ...
Highly Targeted Ransomware SamSam Earned Its Creator $6 Million
A ransomware threat called SamSam that’s known for crippling IT systems in hospitals, schools and government organizations has claimed many more victims than previously believed. Security researchers from Sophos worked with cryptocurrency ...
RadRAT: An all-in-one toolkit for complex espionage ops
Around February this year, we came across a piece of malware that had previously gone unnoticed. Buried in the malware zoo, the threat seems to have been operational since at least 2015, ...
Update Your WordPress Website Now, Researcher Warns
WordPress version 4.8.3, released Oct. 31, fixes a serious security issue that could result in SQL injection attacks. Details about the vulnerability are now public, so attacks could soon follow. “If you ...
40 Enterprise Computers Infected with Second-Stage CCleaner Malware
The cyberespionage group that managed to inject malware into CCleaner installers used them to deploy specialized malware to 40 computers from 12 technology and telecommunications companies. The new information comes from researchers ...