Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia

Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia

Bitdefender researchers have found attacks conducted by the Chafer APT threat group – known to have an apparent Iranian link – in the Middle East region, dating back to 2018. The campaigns ...
Mandrake – owning Android devices since 2016

Mandrake – owning Android devices since 2016

In early 2020 we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. We named the threat Mandrake as the actor(s) ...
A Malware Researcher’s Guide to Reversing Maze Ransomware

A Malware Researcher’s Guide to Reversing Maze Ransomware

At the end of May 2019, a new family of ransomware called Maze emerged into the gaping void left by the demise of the GandCrab ransomware. Unlike run-of-the-mill commercial ransomware, Maze authors ...
New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong

New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong

Bitdefender researchers have discovered a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations on select targets. The new module was discovered on January 30 and, based on the IP addresses it ...
RDP Abuse and Swiss Army Knife Tool Used to Pillage, Encrypt and Manipulate Data

RDP Abuse and Swiss Army Knife Tool Used to Pillage, Encrypt and Manipulate Data

Bitdefender researchers recently found threat actors abusing a legitimate feature in the RDP service to act as a fileless attack technique, dropping a multi-purpose off-the-shelf tool for device fingerprinting and for planting ...
Revisiting Glupteba: Still Relevant Five Years after Debut

Revisiting Glupteba: Still Relevant Five Years after Debut

In the fast-paced world of cybersecurity, malware normally gets a brief period in the spotlight before it falls into oblivion. This is not the case with Glupteba, a backdoor first spotted in ...
Multiple Vulnerabilities in Belkin WeMo Insight Switch

Multiple Vulnerabilities in Belkin WeMo Insight Switch

Internet of Things devices have become commonplace in modern homes. Relatively inexpensive and easy to control remotely, they promise a world at your fingertips. Security vulnerabilities in connected devices can not only ...
Ring Video Doorbell Pro Under the Scope

Ring Video Doorbell Pro Under the Scope

This article – part of a series developed in partnership with PCMag – aims to shed some light about the security of world’s best-sellers in the IoT space. PCMag contacted the research ...
Dozens of Apps Still Dodging Google’s Vetting System

Dozens of Apps Still Dodging Google’s Vetting System

Bitdefender researchers recently analyzed 25 apps that made it into Google Play, at least for a time, packing aggressive adware SDKs that bombarded users with ads and avoided removal by hiding their ...
A close look at Fallout Exploit Kit and Raccoon Stealer

A close look at Fallout Exploit Kit and Raccoon Stealer

Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we will describe in depth in this article. Since its emergence in ...