P@55w0rd5 – Blessing or curse?
08/08/2016 - By now, everybody has passwords for something, just like keys to different doors. The more doors you have to unlock, the bigger your keychain is going to be. This in turn pokes holes in pockets and every now and then one of those keys may just slip away. The same applies to passwords. Though they may not take up as much space in your pocket, they take up a lot of real estate in your memory.Author: Tim Berghoff
World of Warcraft: one simple line of code can cost you dearly
07/22/2016 - A few days ago, a new type of gold/item scam made the rounds. Usually scamming in MMORPGs is done using social engineering techniques, e.g. an attacker sells a fake item code for alleged in-game items like mounts to a potential victim for in-game currency. But this most recent kind of attack does not only involve social engineering but also relies on the misuse of a previously undocumented feature...Author: Sascha Curylo & Sabrina Berkenkopf
Pokémon Go: Catch 'em all – but not at any cost
07/12/2016 - Some may still know the adorable little pocket critters that were all the rage in the late 90s. Now they’re back as an Augmented Reality game for smartphones. Attackers try to use the popularity of this brand new game for themselves and prey on impatient gamers who cannot wait for the game to be released: at least one malicious version of the app has been discovered.Author: Tim Berghoff
“HummingBad“ – Money-making Malware, Made in Asia
07/08/2016 - During the past few days and weeks reports surfaced according to which a new type of malware has infected millions of smartphones and tablet PCs worldwide. The malware in question is highly lucrative for its makers – each month they can rake in up to 300.000 Euros in revenue. The makers of this malware work for an advertising company called “Yingmob” which is based out of China, say researchers of...Author: Tim Berghoff
New "Blue Screen of Death": Genuine Help or Security Risk?
06/22/2016 - There is hardly anything more annoying than error messages and the associated trouble with programs that crash, work that has been lost and the like. Microsoft appears to be trying to improve the user experience with its blue screen errors. However, they have not got rid of the infamous “BSOD”, but are allegedly providing a QR code with a link to a matching help page. This technology offers a...Author: Sabrina Berkenkopf
Sunglasses Spam: 85% Discount? That has to be 100% fake!
05/30/2016 - The experts at G DATA SecurityLabs deal with cyber criminals on a daily basis but there are always seasonal particularities. Especially now in spring, the questionable offers of popular sunglasses entering the market are springing up again via spam mails, social media platforms and even short messages on mobiles. The analysts have followed the tracks, explain background information and provide...Author: Sabrina Berkenkopf
Panama Papers: the result of neglected IT security
05/13/2016 - The financial, legal and political world have been turned upside down by the Panama Papers. But how on earth was it possible to steal 2.6 terabytes of data from Mossack Fonseca?Author: Eddy Willems
Dangerous Websites, Adware, Banking Trojans and Surprises
04/13/2016 - G DATA’s SecurityLabs experts are constantly analyzing the threat landscape computer users are facing. Our Malware Report for the second half-year 2015 has now been published. Check out the most important findings:Author: Sabrina Berkenkopf
Manamecrypt – a ransomware that takes a different route
04/11/2016 - Hardly a week passes these days without a new family of ransomware making the headlines. This week our analysts are taking apart Manamecrypt, also referred to as CryptoHost. Basically, Manamecrypt is a ransomware Trojan horse, but it differs from other ransomware families in a number of aspects. For instance, it not only encrypts files, but also prevents certain applications from running which...Author: Sabrina Berkenkopf
Ransomware Petya - a technical review
03/31/2016 - In March 24, researchers at G DATA received a sample of a new type of ransomware which was dubbed “Petya”. Unlike other types of ransomware, Petya prevents the operating system from starting by manipulating the MBR and installing its own bootloader as well as encrypting the file partition tables. This report outlines the current status of the analysis which is still ongoing.Author: Tim Berghoff