Category: Security Blog G Data Software AG

A 2D platformer game called BlockBlasters has recently started showing signs of malicious activity after a patch release on August 30. While the user is playing the game, various bits of information are lifted from the PC the game is…

Read more →

Having taken a look at AppSuite in one of our last articles, we have started pulling on a few loose threads to see where it would take us. It turns out that there are relationships with other malicious programs –…

Read more →

Having taken a look at AppSuite in one of our last articles, we have started pulling on a few loose threads to see where it would take us. It turns out that there are relationships with other malicious programs –…

Read more →

Some threat actors are bold enough to submit their own malware as false positive to antivirus companies and demand removal of the detection. This is exactly what happened with AppSuite PDF Editor. Initially, automation flagged it as a potentially unwanted…

Read more →

Despite what some might want to make you believe, Trojan Horses used to be a rare breed in the last few years. But they are back, thanks to AI and LLMs. This article has been indexed from Security Blog G…

Read more →

“Criminals go where the money flows.” This quote is indeed true among cybercriminals lately, as our team of Security Analysts discovered and examined a resurgence of malware deploying XMRig cryptominer in mid-April this year after a two-year hiatus. This article…

Read more →

Since March 2025 there has been a noticeable increase in infections and fake applications using validly signed ConnectWise samples. We reveal how bad signing practices allow threat actors to abuse this legitimate software to build and distribute their own signed…

Read more →

Since March 2025 there has been a noticeable increase in infections and fake applications using validly signed ConnectWise samples. We reveal how bad signing practices allow threat actors to abuse this legitimate software to build and distribute their own signed…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Reborn in Rust: AsyncRAT

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Printer company provided infected software downloads for…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Sit, Fetch, Steal – Chihuahua Stealer: A…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Sit, Fetch, Steal – Chihuahua Stealer: A…

Read more →

If YARA signatures for .NET assemblies only rely on strings, they are very limited. We explore more detection opportunities, including IL code, method signature definitions and specific custom attributes. Knowledge about the underlying .NET metadata structures, tokens and streams helps…

Read more →

If YARA signatures for .NET assemblies only rely on strings, they are very limited. We explore more detection opportunities, including IL code, method signature definitions and specific custom attributes. Knowledge about the underlying .NET metadata structures, tokens and streams helps…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Vidar Stealer: Revealing A New Deception Strategy

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Smoked out – Emmenhtal spreads SmokeLoader malware

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Smoked out – Emmenhtal spreads SmokeLoader malware

Read more →

In the ever-evolving landscape of advanced persistent threats (APTs), the notorious financial cybercrime group FIN7 has added another sophisticated tool to their arsenal. We have recently discovered a new Python-based backdoor, called “AnubisBackdoor”, being deployed in their latest campaigns. This…

Read more →

In the ever-evolving landscape of advanced persistent threats (APTs), the notorious financial cybercrime group FIN7 has added another sophisticated tool to their arsenal. We have recently discovered a new Python-based backdoor, called “AnubisBackdoor”, being deployed in their latest campaigns. This…

Read more →

Cybercriminals are taking advantage of the increased demand in travel by setting up fake booking sites, phishing scams and fraudulent listings to trick unsuspecting travelers. This article has been indexed from Security Blog G Data Software AG Read the original…

Read more →