Tag: malware

  • VB2018 paper: Inside Formbook infostealer

    The Formbook information-stealing trojan has been spread by a number of recent spam campaigns. The malware was advertised in hacking forums as long ago as January 2016, but wasn’t written about until an Arbor Networks blog post in September 2017. The malware is a ‘form-grabber’, which means it intercepts data entered in website forms,…

  • VB2018 paper: From Hacking Team to hacked team to…?

    It is good practice not to mock or laugh at hacking victims. But when the victim is a company that itself is in the business of hacking and has a habit of selling its products and services to governments with dubious human rights records, few could help but smile at the irony. This was the…

  • The spam that is hardest to block is often the most damaging

    This blog post was put together in collaboration with VB test engineers Adrian Luca and Ionuţ Răileanu. In a talk I gave at IRISSCON last year (the video of which you will find at the bottom of this post), I discussed how spam is a problem that has almost been solved (and certainly has been well…

  • VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis library

    Though still relatively new (the first VB conference paper on Android malware was presented in 2011), malware targeting the Android mobile operating system has evolved quickly, in terms of both quantity and quality. Many of the characteristics of desktop malware are now also seen in Android malware – for example, the use of anti-analysis techniques, and…

  • VB2018 preview: Anatomy of an attack: detecting and defeating CRASHOVERRIDE

    One of the many highlights of last year’s Virus Bulletin Conference was a last-minute paper by ESET researchers Anton Cherepanov and Robert Lipovsky on Industroyer, ‘the first ever malware specifically designed to attack power grids’ and which was behind a December 2016 blackout in Ukraine. This year, the VB2018 conference programme includes a paper by…

  • VB2017 video: Client Maximus raises the bar

    Brazil has long been known as a hotbed of cybercrime, but what makes the country especially unique is that a lot of this cybercrime is inwards-focused. Thus there are many malware strains written explicitly to target the country. One of them is Client Maximus, a banking trojan discovered in 2017 by researchers from IBM Trusteer…