Password protected does not necessarily mean secured

Old email spam trick returns after more than 10 years


Author: PaR

More than 10 years ago, email worms like Bagle started spreading themselves in password-protected archives, e.g. ZIP archives. The password needed to unlock the archive was mentioned as part of the email. This scam, which has rarely been seen since and is considered an old trick, has now returned. ... read more

The Heartbleed Bug

More than just a vulnerability in a popular program


Author: Ralf Benzmüller

The current news about the OpenSSL vulnerability dubbed Heartbleed unsettles many PC users. The vulnerability is as severe as a vulnerability can be. But it is fixed and website admins and software providers have started updating their OpenSSL version. Nevertheless, the problem is bigger. ... read more

Uroburos – Deeper travel into kernel protection mitigation

Malware uses new technology to bypass Windows’ kernel protection


Author: MN

Uroburos was already described as a very sophisticated and highly complex malware in our G Data Red Paper, where we had a look at the malware’s behavior. A look at its installation process supports this assumption again. Uroburos uses a technique not previously known to the public to bypass Microsoft’s Driver Signature Enforcement, an essential part of Windows’ security. ... read more

Uroburos - highly complex espionage software with Russian roots

G Data discovers alleged intelligence agency software


Author: MN

G Data Security experts have analyzed a very complex and sophisticated piece of malware, designed to steal confidential data. G Data refers to it as Uroburos, after a string found in the malware's code and following an ancient symbol depicting a serpent or dragon eating its own tail. ... read more

Android Malware goes "To The Moon!"

Mobile devices are being misused as cash collectors


Author: JS, AB

The latest case involves a manipulated copy of a popular radio application. The original app has already been downloaded millions of times from the Google Play Store. Attackers are aiming to exploit this popularity to distribute their own app as widely as possible. They have begun circulating a trojanised copy of TuneIn Radio Pro and are misusing infected mobile phones as cash collectors for the cryptocurrency Dogecoin. One of the effects of this is that they physically damage the devices! ... read more

Worth looking again: fake Flash Player apps in Google Play store

Fraudsters demand money for app that is actually free and well out of date


Author: SB

At the weekend, a number of fraudulent apps pretending to be Adobe Flash Player appeared on the official Google Play store. Of the three apps we looked at, all demanded payment from the user before installation and one even spied on the user in the background. Google reacted fast and deleted the programs, which are detected as Android.Application.FakeApp.A by G Data’s mobile security solutions. ... read more