Whitepapers
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
Bitdefender researchers have found attacks conducted by the Chafer APT threat group – known to have an apparent Iranian link – in the Middle East region, dating back to 2018. The campaigns ...
Mandrake – owning Android devices since 2016
In early 2020 we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. We named the threat Mandrake as the actor(s) ...
A Malware Researcher’s Guide to Reversing Maze Ransomware
At the end of May 2019, a new family of ransomware called Maze emerged into the gaping void left by the demise of the GandCrab ransomware. Unlike run-of-the-mill commercial ransomware, Maze authors ...
New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong
Bitdefender researchers have discovered a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations on select targets. The new module was discovered on January 30 and, based on the IP addresses it ...
RDP Abuse and Swiss Army Knife Tool Used to Pillage, Encrypt and Manipulate Data
Bitdefender researchers recently found threat actors abusing a legitimate feature in the RDP service to act as a fileless attack technique, dropping a multi-purpose off-the-shelf tool for device fingerprinting and for planting ...
Revisiting Glupteba: Still Relevant Five Years after Debut
In the fast-paced world of cybersecurity, malware normally gets a brief period in the spotlight before it falls into oblivion. This is not the case with Glupteba, a backdoor first spotted in ...
Multiple Vulnerabilities in Belkin WeMo Insight Switch
Internet of Things devices have become commonplace in modern homes. Relatively inexpensive and easy to control remotely, they promise a world at your fingertips. Security vulnerabilities in connected devices can not only ...
Ring Video Doorbell Pro Under the Scope
This article – part of a series developed in partnership with PCMag – aims to shed some light on the security of the world’s best-sellers in the IoT space. PCMag contacted the research ...
Dozens of Apps Still Dodging Google’s Vetting System
Bitdefender researchers recently analyzed 25 apps that made it into Google Play, at least for a time, packing aggressive adware SDKs that bombarded users with ads and avoided removal by hiding their ...
A close look at Fallout Exploit Kit and Raccoon Stealer
Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we will describe in depth in this article. Since its emergence in ...