Research by: Marc Salinas Fernandez Background & Key Findings The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to... Click to Read More
Introduction Until last year, hacktivism has primarily been associated with groups like Anonymous – decentralized and unstructured collectives made up of private individuals with a variety of agendas. Anonymous has launched multiple campaigns... Click to Read More
Introduction In 2022, Check Point Research (CPR) observed a new wave of a long-standing campaign targeting the Uyghur community, a Turkic ethnic group originating from Central Asia, one of the largest minority ethnic... Click to Read More
Author: Jiri Vinopal Introduction For a reverse engineer, the ability to directly call a function from the analyzed binary can be a shortcut that bypasses a lot of grief. While in some cases... Click to Read More
Introduction Recent studies show that more than 85% of financial institutions in Central and Western Africa have repeatedly been victimized in multiple, damaging cyberattacks. In a quarter of these cases, intrusions into network... Click to Read More
Research by: Moshe Marelus Highlights: Check Point Research (CPR) detected a Turkish based crypto miner malware campaign, dubbed ‘Nitrokod’, which infected machines across 11 countries The malware is dropped from popular software available... Click to Read More
Research By: Slava Makkaveev Introduction Have you ever wondered if it is safe to make payments from a mobile device? Can a malicious app steal money from your digital wallet? According to the... Click to Read More
Highlights: CloudGuard Spectral detects 10 malicious packages on PyPI, the leading Python package index used by developers for the Python programming language Malicious packages install info-stealers that enable attackers to steal developer’s private... Click to Read More
Executive Summary In this article, Check Point Research shares findings on a group / activity cluster with ties to Tropic Trooper: The infection chain includes a previously undescribed loader (dubbed “Nimbda”) written in... Click to Read More
Introduction Check Point Research uncovers a recent Iranian-based spear-phishing operation aimed against former Israeli officials, high-ranking military personnel, research fellows in research institutions, think tanks, and against Israeli citizens. The attacks use a... Click to Read More
Research by: Slava Makkaveev Introduction Do you remember push-button telephones? Many of them were based on chips from Spreadtrum Communications Inc., a Chinese chip manufacturer founded in 2001. In 2011, over half of all... Click to Read More
Research by: Alexey Bukhteyev & Raman Ladutska Introduction In July 2021, CPR released a series of three publications covering different aspects of how the Formbook and XLoader malware families function. We described how... Click to Read More
Introduction In the past two months, we observed multiple APT groups attempting to leverage the Russia and Ukraine war as a lure for espionage operations. It comes as no surprise that Russian entities... Click to Read More
Research by: Slava Makkaveev, Netanel Ben Simon Introduction The Apple Lossless Audio Codec (ALAC) is an audio coding format developed by Apple Inc. in 2004 for lossless data compression of digital music. After... Click to Read More
Research By: Alexey Bukhteyev Highlights Check Point Research (CPR) discovered a vulnerability in the web version of Ever Surf wallet, part of the Everscale blockchain ecosystem By exploiting the vulnerability, an attacker could... Click to Read More
