Casper: the newest member of the cartoon malware family

03/06/2015 - Casper is considered to be EvilBunny’s and Babar’s successor, believed to originate from the same group of programmers – possibly connected to a French intelligence agency. The malware has undergone two very interesting changes: it now has a modular structure, which allows the attackers to download and install attack plug-ins at will, and its anti-AV strategies have improved. This blog post is...

Author: Sabrina Berkenkopf

The power of trust: “Superfish” case turns into a worst case scenario

02/22/2015 - The case of the “Superfish” adware has caused quite a sensation through its association with computer technology company Lenovo. However, the following report shows that “Superfish” is just the tip of the iceberg. It explains the implications of and possibilities for misuse. By way of an example, experts at G DATA SecurityLabs have investigated a piece of update software involved in the case, to...

Author: G DATA SecurityLabs

Babar: espionage software finally found and put under the microscope

02/18/2015 - Almost a year after Operation SNOWGLOBE was publicly mentioned for the first time by the famous French newspaper Le Monde, security experts have now laid hands on malware samples that match the descriptions made by the Communications Security Establishment Canada (CSEC). The following analysis is the first report about the espionage malware dubbed Babar, which the whole computer security community...

Author: Paul Rascagnères

Regin, an old but sophisticated cyber espionage toolkit platform

11/26/2014 - Regin is one of the latest cyber espionage toolkits targeting a range of organizations, companies and individuals around the world. This malware is very sophisticated and can be mentioned in the same breath as other cyberespionage campaigns like Duqu, Stuxnet, Flame, Uroburos (aka Snake/Turla). First reported by Symantec[1], Regin kept itself under the radar for years.

Author: Paul Rascagnères and Eddy Willems
G DATA | SIMPLY SECURE