Tag Archive: Cybercrime

Bumblebee: increasing its capacity and evolving its TTPs

October 3, 2022 2:18 pm

Research by: Marc Salinas Fernandez. Background & Key Findings: The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to...

Canadian banks targeted in a massive phishing campaign

December 23, 2019 3:00 am

Introduction: Recently, Check Point engines detected a new phishing campaign impersonating the Royal Bank of Canada (RBC). The attack starts by sending legitimate-looking e-mails containing a PDF attachment to multiple organizations and victims...

Deep Dive into UPAS Kit vs. Kronos

June 12, 2018 12:53 pm

Research by: Mark Lechtik. Introduction: In this post we will be analyzing the UPAS Kit and the Kronos banking Trojan, two pieces of malware that have come under the spotlight recently due to the...

Christmas is Coming: The Criminals Await

November 21, 2017 12:27 am

Research by: Dikla Barda, Roman Zaikin and Oded Vanunu. Black Friday symbolizes the start of the end-of-year shopping season. During this period, online shopping is expected to increase rapidly as...

Bad Rabbit: The Full Research Investigation

October 25, 2017 2:12 pm

What is this all about? Earlier this week a new ransomware attack dubbed ‘Bad Rabbit’ broke out and has so far affected Ukraine, Russia, Turkey and Bulgaria. Various healthcare, media, software...

September’s Most Wanted Malware: Locky Shoots Back Up Global Rankings

October 11, 2017 6:00 am

Check Point’s latest Global Threat Index has revealed a massive increase in worldwide Locky attacks during September, with the ransomware impacting 11.5% of organizations globally over the course of the month. Locky...

July’s Most Wanted Malware: RoughTed and Fireball Decrease, But Stay Most Prevalent

August 21, 2017 6:00 am

Check Point’s latest Global Threat Impact Index reveals that the number of organizations impacted globally by the RoughTed malvertising campaign fell by over a third during July, from 28% to 18%....

June’s Most Wanted Malware: RoughTed Malvertising Campaign Impacts 28% of Organizations

July 17, 2017 4:14 pm

The takeaway: Check Point’s latest Global Threat Impact Index revealed that 28% of organizations globally were affected by the RoughTed malvertising campaign during June. In context: A large-scale malvertising campaign, RoughTed is...

OSX/Dok Refuses to Go Away and It’s After Your Money

July 13, 2017 9:00 am

Research by: Ofer Caspi. Following up on our recent discovery of the new OSX/Dok malware targeting macOS users, we’d like to report that the malicious actors behind it are not giving up yet. They...

Hacked in Translation – “Director’s Cut” – Full Technical Details

July 8, 2017 10:00 pm

Background: Recently, Check Point researchers revealed a brand new attack vector – attack by subtitles. As discussed in the previous post and in our demo, we showed how attackers can use subtitles...

BROKERS IN THE SHADOWS – Part 2: Analyzing Petya’s DoublePulsarV2.0 Backdoor

July 3, 2017 5:58 pm

Background: In the wake of WannaCry, a new cyber threat has emerged from the NSA leak. Making use of previously exposed tools, Petya once again is engaged in another large-scale attack....

Preventing Petya – stopping the next ransomware attack

June 28, 2017 8:02 am

Check Point’s Incident Response Team has been responding to multiple global infections caused by a new variant of the Petya malware, which first appeared in 2016 and is currently moving laterally within...

Anatomy of the Jaff Ransomware Campaign

June 8, 2017 4:47 am

Last month, Check Point researchers were able to spot the distribution of Jaff Ransomware by the Necurs Botnet. The ransomware was spread using malicious PDF files that had an embedded docm file,...

BROKERS IN THE SHADOWS: Analyzing vulnerabilities and attacks spawned by the leaked NSA hacking tools

May 25, 2017 9:39 am

Background: Rarely does the release of an exploit have such a large impact across the world. With the recent leak of the NSA exploit methods, we saw the effects of powerful tools...

The Judy Malware: Possibly the largest malware campaign found on Google Play

May 25, 2017 6:00 am

Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a...