• This is the detection for the latest variant of Tinba that hit certain countries in Europe. Tinba is dubbed the smallest banker Trojan due to its file size.

  • This sample is noteworthy as a variant has been used in the recent Bundestag compromise. It is a 64-bit executable that can read commands issued by an attacker.

  • This backdoor is implicated in the 2015 compromise of the German parliament, also known as the Bundestag. This malware connects to a specific C&C server that we believe was controlled by Operation Pawn Storm during extended periods from February 2014 - February 2015.

  • This is one of the Trend Micro detections for the recent Stegoloader malware that affected healthcare organizations in North America. Steganography is a technique where malicious code is embedded in image files to avoid detection.

  • This backdoor is implicated in the 2015 compromise of the German parliament, also known as the Bundestag. This malware connects to a specific C&C server that we believe was controlled by Operation Pawn Storm during extended periods from February 2014 - February 2015.

  • This exploit was included in the Magnitude Exploit Kit, which allowed attackers to spread crypto-ransomware into their target systems in the US, Canada, and the UK. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.

  • This malware component is related to the Punkey point-of-sale (PoS) malware, which was uncovered in April 2015. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.

  • This malware component is related to the Punkey point-of-sale (PoS) malware, which was uncovered in April 2015. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.

  • This DYRE variant is downloaded by an upgraded version of UPATRE that has the capability to disable detection. Other notable routines of this UPATRE variant include disabling firewall and network-related security by modifying registry entries and stopping related services.

  • This malware poses as a Chrome browser plugin required to play videos. Users receive a message containing a link on the social networking site Facebook.