Internet of (Things) Trouble ... the continuing story

Is the IoT industry making the same mistakes again?


Author: Eddy Willems

A half year ago we wrote about the expected problems related to IoT. And guess what? Unfortunately we were right. It even became worse in the past 6 months. Nearly everything what was described back then became exploited. And that’s not a good thing.  ... read more

Vulnerability in Android media engine Stagefright

Why panic is uncalled for and what you should do


Author: Sabrina Berkenkopf

Current media reports talk of a vulnerability that should be taken seriously and that allegedly affects 95% of all Android mobile devices. For this reason the problem has huge implications; nevertheless, it is important to react to this information with a level head. G DATA is providing tips to defuse the situation – although only the device manufacturers can solve the problem. ... read more
In October 2010 the discovery of Android.Trojan.FakePlayer.A, the first known malware for the Android operating system, struck us at G DATA SecurityLabs like a bombshell. Once the initial commotion had died down, a number of questions arose ... read more

Author: Sabrina Berkenkopf

There are two statements G DATA’s security experts hear and read time and again: “I do not surf on porn websites, my computer can’t get infected” as well as “my computer does not hold anything valuable and I have nothing to hide – why should I be a target?” It would be a pleasure to confirm this, but, unfortunately, we do not live in an ideal world. The company’s latest Malware Report underlines why such sentences should be regarded as myths and IT-Security is important for everyone. ... read more

New Dridex infection vector identified

Banking Trojan’s authors use Microsoft Office trick and a legitimate service to infect systems


Author: Paul Rascagnères

Malware authors can sometimes be creative in order to manipulate their human targets on the one hand and to circumvent security products, too. The experts of G DATA’s SecurityLabs analyzed a specially crafted Microsoft Word document the attackers used to install a rather famous banking Trojan called Dridex. This malicious document connects to a perfectly legitimate website to download the final payload. We assume that these two elements were chosen to trick security products. This scam is used more and more often to attack businesses, especially SMBs, in various countries. ... read more

Author: Ralf Benzmüller, Robert Michel, Anton Wendel

After the initial reports on the attacks on the Bundestag (German Federal Parliament), variants of the Swatbanker family are now putting the Bundestag's intranet on a watch list. The operators of the botnet are apparently trying to steal access data and server responses associated with this site. It is not clear whether this is a new attack or whether the same attackers who were active in May have expanded their pattern of attack.  ... read more