The ‘Gazorp’ Dark Web Azorult Builder

September 27, 2018 1:46 am

Research by: Nikita Fokin, Israel Gubi, Mark Lechtik

On 17th September Check Point Research found a new online builder, dubbed ‘Gazorp’, hosted on the Dark Web. Gazorp is designed for building binaries...

Meet Black Rose Lucy, the Latest Russian MaaS Botnet

September 13, 2018 7:51 am

Research By: Feixiang He, Bogdan Melnykov, Andrey Polkovnichenko

An organization needs to have a collaborative hiring process, advised Steve Jobs. Always a group to follow mainstream trends closely, in recent years we’ve...

Domestic Kitten: An Iranian Surveillance Operation

September 7, 2018 6:03 am

Chinese strategist Sun Tzu, Italian political philosopher Machiavelli and English philosopher Thomas Hobbes all justified deceit in war as a legitimate form of warfare. Preceding them all, however, were some in the...

Ransom Warrior Decryption Tool

August 30, 2018 7:28 am

On August 8th, a new ransomware, dubbed ‘RansomWarrior’, was found by the Malware Hunter Team. Going by the ransom note shown to its victims, RansomWarrior seems to have been developed by Indian hackers,...

CeidPageLock: A Chinese RootKit

August 28, 2018 12:36 am

Research by: Israel Gubi

Over the last few weeks, we have been observing a rootkit named CEIDPageLock being distributed by the RIG Exploit kit. The rootkit was first discovered by 360 Security...

Interactive Mapping of APT-C-23

August 26, 2018 11:54 pm

Research by: Aseel Kayal

Last month, we investigated the renewal of a targeted attack against the Palestinian Authority, attributed to the APT-C-23 threat group. Although this campaign was initially discovered in early...

Ryuk Ransomware: A Targeted Campaign Break-Down

August 20, 2018 3:14 pm

Research by: Itay Cohen, Ben Herzog

Over the past two weeks, Ryuk, a targeted and well-planned ransomware, has attacked various organizations worldwide. So far the campaign has targeted several enterprises, while encrypting hundreds...

VBEtaly: An Italian Ursnif MalSpam Campaign

August 16, 2018 1:43 am

Check Point researchers have found another wave of the Ursnif malspam campaign targeting Italy. Only a few details are known so far but what we have found is that the file delivered...

Faxploit: Sending Fax Back to the Dark Ages

August 12, 2018 3:09 pm

Research By: Eyal Itkin, Yannay Livneh and Yaniv Balmas

Fax, the brilliant technology that lifted mankind out of the dark ages of mail delivery when only the postal service and carrier pigeons were...

Man-in-the-Disk: Android Apps Exposed via External Storage

August 12, 2018 1:09 pm

Research By: Slava Makkaveev

Recently, our researchers came across a shortcoming in the design of Android’s use of storage resources. Careless use of External Storage by applications may open the door to...