Trojan

Pierluigi Paganini March 07, 2014
Dendroid – A new Android RAT available on the underground

Symantec discovered a new HTTP Android Remote administration tool, named Dendroid, available on the underground market for only $300. Symantec researchers have discovered a new android malware toolkit dubbed Dendroid, early 2014 the company also detected AndroRAT, an Android Remote admin tool which is believed to be the first malware APK binder. Thanks to the diffusion of the Google […]

Pierluigi Paganini December 07, 2013
Microsoft,Europol,FBI and partners decapitated ZeroAccess botnet

Microsoft Digital Crimes Unit, FBI, Europol and industry partners decapitated the feared ZeroAccess botnet that hijacks search results Microsoft this week has announced that thanks to a joint operation of its Digital Crimes Unit and the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3) and technology companies has decapitated ZeroAccess botnet.     […]

Pierluigi Paganini November 17, 2013
Linux backdoor Fokirtor implements covert communication protocol

In May sophisticated attackers breached a large Internet hosting provider and gained access to internal administrative systems using a singular Linux backdoor. Symantec security researchers have discovered a Linux backdoor, dubbed Fokirtor, that implements a covert communication protocol to hide its presence. The experts revealed that the malicious code was used to compromise a large […]

Pierluigi Paganini October 24, 2013
Android Wroba banking trojan targeted Korean users

The Antivirus vendor Malwarebytes revealed that the Wroba banking trojan distributed via file sharing sites and alternative markets targeted Korean users. Today I presented at Cyber Threat Summit 2013 the topic “Modern online-banking cybercrime” and just a few hours after it is appeared the new Android banking Trojan targeting Korean banks. The number of malware […]

Pierluigi Paganini August 25, 2013
Poison Ivy still alive, old malware new cyber threats – FireEye report

Security vendor FireEye has published a detailed analysis on the popular Poison Ivy RAT, releasing also a set of tools to analyze infections. Security firm FireEye published an interesting analysis on the popular malware Poison Ivy, a remote access trojan (RAT) used in RSA SecurID attack. Poison IVY was also used in the 2011 Nitro […]

Pierluigi Paganini August 16, 2013
Android malware uses Google Cloud Messaging Service as C&C Server

Security experts at Kaspersky have detected numerous Android malicious applications that uses Google Cloud Messaging Service as C&C. Android malware exploits the Google Cloud Messaging Service (GCM) as Command and Control server. The Google service allows Android app developers to send messages using JSON format to installed apps, but hackers exploited it for malicious purposes. The discovery has been made […]

Pierluigi Paganini August 12, 2013
AndroRAT drives the rise for DIY Android hacking tools

AndroRAT is just one of the numerous open-source tools that was created and published on the undergroud forums to allow the hack of Android mobile devices. AndroRAT is an open-source tool that was created and published on the Internet in November 2012, it is a RAT (Remote Access Tool)  for Android OS and exactly as any other […]

Pierluigi Paganini July 25, 2013
KINS trojan is threatening banking sector

KINS trojan is the name of the new banking malware that RSA researchers discovered thanks to an announcement on the Russian black market. Early 2013 RSA discovered traces of a news banking trojan named KINS, security experts have followed the evolution of the malware in the underground community. RSA researchers discovered an announcement on the Russian […]

Pierluigi Paganini June 30, 2013
Self-propagating ZeuS source code offered for sale in the underground

A new variant of Zeus trojan is offered for sale in the underground. It is a Self-propagating version that exploits Facebook, the RDP and the email. The criminal history taught us that after the diffusion of source code of malicious agent such as the popular Zeus it is possible to assist to a real explosion […]

Pierluigi Paganini June 11, 2013
Kaspersky Lab experts detected most sophisticated Android trojan

Security researchers at Kaspersky Lab detected a new instance of Android trojan, dubbed Obad, that they have judged as the most sophisticated malware found since now. Security experts at Kaspersky Lab detected a new instance of Android trojan that has been classified as the most sophisticated malware seen since now. The researcher Roman Unuchek described the Android […]