Gozi goes 64-bit

64-bit browsers are now also exposed to MITB attacks


Author: TS

For some time, banking Trojan Gozi has been using interesting technologies to implement its man-in-the-browser functionality, or MITB for short. Banking Trojans use the MITB form of attack to manipulate the network traffic between a customer and their bank in order to steal the customer's money. On the one hand, Gozi is the first banking Trojan that uses man-in-the-browser functionality in a 64-bit browser, namely Internet Explorer. On the other hand, Gozi's use of a method called "function table hooking", which Gozi uses for the Google Chrome browser, is also remarkable. ... read more

Do you want to know a secret?

What you should know about not so secret secret questions


Author: SB

February 5th was Safer Internet Day. Just like many companies in the IT security field, G Data also contributed with some easy but useful security tips, that were linked to this year’s general topics ‘Connect with Respect’ and ‘Online Rights and Responsibilities'. ... read more

Bochum! You are safe here!

And in this case, this also applies e.g. in Helsinki, San Diego, Reykjavík, …


Author: SB

There is no doubt that there is sophisticated malware. And then there is malware where the malware writer thinks it's clever. But the analysts at G Data Security Labs track it down! ... read more

Happy New Malware Year

A turbulent beginning of 2013


Author: Eddy Willems

Every holiday season, almost nothing feels better than giving someone you care about the one gift he or she truly wanted. We all are more than happy to enjoy a couple of days off but it seems as if the bad guys were using these days to dig up exploit possibilities and other bugs inside the software we use and to presented the world with their ‘special’ New Year gifts. Let us have a look at how the year started and sum up a couple of threats we saw during the past weeks. ... read more

The Virus Bulletin Conference 2012 in Dallas, US

A full week of interesting papers, fruitful meetings and loads of events


Author: Eddy Willems

IE 0-Day (CVE-2012-4969) – JavaScript only

Attack found, exploiting in the wild and being capable of infecting the masses


Author: KT, BB, RM, SB, TS