PREVIOUS
PREVIOUS
  • BKDR_LISUIFE.A

    This backdoor is implicated in the 2015 compromise of the German parliament, also known as Bundestag. This malware connects to a specific C&C server that we believe was controlled by Operation Pawn Storm during extended periods from February 2014 - February 2015.
    Read more   

  • SWF_EXPLOIT.MJTE

    This exploit was included in the Magnitude Exploit Kit, which allowed attackers to spread crypto-ransomware into their target systems in the US, Canada, and the UK.To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.
    Read more   

  • TSPY_POSPUNK.A

    This malware component is related to the Punkey point-of-sale (PoS) malware, which was uncovered in April 2015. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.
    Read more   

  • TSPY_POSPUNK.B

    This malware component is related to the Punkey point-of-sale (PoS) malware, which was uncovered in April 2015. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.
    Read more   

  • TSPY_DYRE.IK

    This DYRE variant is downloaded by an upgraded version of UPATRE that has the capability to disable detection. Other notable routines of the said UPATRE variant include disabling of firewall/network related security via modifying registry entries and stopping of related services.
    Read more   

  • TROJ_KILIM.EFLD

    This malware poses as a Chrome browser plugin required to play videos. Users receive a message with a link in the social networking site, Facebook.
    Read more   

  • BKDR_ROMBERTIK.A

    This malware hooks itself onto certain browsers in the affected system for purposes of information theft. It also wipes the affected system's Master Boot Record(MBR) if it detects security detection efforts, which can cause loss of sensitive data/critical documents.
    Read more   

  • TROJ_WERDLOD.D

    This online banking Trojan modifies an affected system's proxy settings and adds a malicious root certificate to allow information theft at the network level. These behaviors are seen in malware used in Operation Emmental.
    Read more   

  • W2KM_BARTALEX.SMA

    BARTALEX is a macro malware responsible to a spam outbreak affecting enterprises. It uses Microsoft document and social engineering lures, which in this case, it leverages Automated Clearing House.
    Read more   

  • TROJ_CRYPTESLA.CAG

    This crypto-ransomware is one of the malware payloads of Fiesta exploit kit. Typically, exploit kits are used to deliver or spread threats.
    Read more   

PREVIOUS
PREVIOUS