Looking for vulnerabilities in MediaTek audio DSP

November 24, 2021 1:55 pm

Research by: Slava Makkaveev. Introduction: Taiwan's MediaTek has been the global smartphone chip leader since Q3 2020. MediaTek systems on a chip (SoCs) are embedded in approximately 37% of all smartphones and IoT...

Uncovering MosesStaff techniques: Ideology over Money

November 15, 2021 1:17 pm

Introduction: In September 2021, the hacker group MosesStaff began targeting Israeli organizations, joining a wave of attacks that started about a year ago with the Pay2Key and BlackShadow attack groups. Those actors...

PixStealer: a new wave of Android banking Trojans abusing Accessibility Services

September 29, 2021 12:54 pm

Research by: Israel Wernik, Bohdan Melnykov. Introduction: By limiting physical interactions, the COVID-19 pandemic significantly accelerated the digitization of the banking industry to fulfill customer needs. To cope with the demand, improve access...

Indra — Hackers Behind Recent Attacks on Iran

August 14, 2021 11:00 am

Check Point Research reveals that a threat actor named Indra is responsible for the attacks against targets in Iran, as well as against companies in Syria.

Do you like to read? I can take over your Kindle with an e-book

August 6, 2021 12:57 pm

Research by: Slava Makkaveev. Introduction: Since 2007, Amazon has sold tens of millions of Kindles, which is impressive. But this also means that tens of millions of people could have potentially been hacked...

Stealth is never enough, or Revealing Formbook successor’s C&C infrastructure

August 2, 2021 5:25 pm

By: Alexey Bukhteyev & Raman Ladutska. Reliability is one of the main requirements for software, and malware is no exception. If a malware product is reliable enough to exfiltrate the data from the...

Time-proven tricks in a new environment: the macOS evolution of Formbook

July 27, 2021 11:15 pm

By: Alexey Bukhteyev & Raman Ladutska. The vast majority of threats for macOS are adware such as Shlayer, Bundlore, Pirrit, and others. Compared to Windows, we only rarely encounter really harmful macOS malware...

IndigoZebra APT continues to attack Central Asia with evolving tools

July 1, 2021 1:00 pm

Introduction: Check Point Research recently discovered an ongoing spear-phishing campaign targeting the Afghan government. Further investigation revealed this campaign was part of a long-running activity targeting other Central Asian countries, including Kyrgyzstan and...

SharpPanda: Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor

June 3, 2021 1:00 pm

Introduction: Check Point Research identified an ongoing surveillance operation targeting a Southeast Asian government. The attackers use spear-phishing to gain initial access and leverage old Microsoft Office vulnerabilities together with the chain of...

Uyghurs, a Turkic ethnic minority in China, targeted via fake foundations

May 27, 2021 12:59 pm

Introduction: During the past year, Check Point Research (CPR), in cooperation with Kaspersky's GReAT, has been tracking an ongoing attack targeting a small group of Uyghur individuals located in Xinjiang and Pakistan. Considerable...

Melting Ice – Tracking IcedID Servers with a few simple steps

May 26, 2021 8:51 pm

Research by: Alex Ilgayev. Introduction: Tracking botnets usually demands a significant amount of effort, time, and threat intelligence know-how. The barrier to entry grows even larger in cases of multi-staged complex malware families...

Security probe of Qualcomm MSM data services

May 6, 2021 12:59 pm

Research by: Slava Makkaveev. Introduction: Mobile Station Modem (MSM) is an ongoing series of 2G/3G/4G/5G-capable systems on a chip (SoCs) designed by Qualcomm starting in the early 1990s. MSM has always been and...

Pwn2Own Qualcomm DSP

May 6, 2021 12:59 pm

Research by: Slava Makkaveev. Introduction: Snapdragon is a suite of system on a chip (SoC) semiconductor products for mobile devices designed and marketed by Qualcomm Technologies Inc. A single SoC may include multiple...

Iran’s APT34 Returns with an Updated Arsenal

April 8, 2021 1:27 pm

Introduction: Check Point Research discovered evidence of a new campaign by the Iranian threat group APT34 (aka OilRig), against what appears to be a Lebanese target, employing a new backdoor variant we dubbed...

Playing in the (Windows) Sandbox

March 11, 2021 2:30 pm

Research by: Alex Ilgayev. Introduction: Two years ago, Microsoft released a new feature as part of the Insiders build 18305 – Windows Sandbox. This sandbox has some useful specifications: Integrated part of...