Several days ago, Microsoft released a security advisory disclosing a new zero-day vulnerability in older versions of Windows. It was reported that it was being abused by a malicious PDF file (TROJ_PIDIEF.GUD) to deliver a backdoor (BKDR_TAVDIG.GUD) onto affected systems in “limited, targeted attacks.” We independently obtained samples of the backdoor, which is the final…
Read MoreJayronn Christian Bucu
Senior Research Engineer
We recently came across some malware of the SOGOMOT and MIRYAGO families that update themselves in an unusual way: they download JPEG files that contain encrypted configuration files/binaries. Not only that, we believe that this activity has been ongoing since at least the middle of 2010. A notable detail of the malware we came across…
Read MoreRecently, we spotted a new malware family that was being used in targeted attacks – the EvilGrab malware family. It is called EvilGrab due to its behavior of grabbing audio, video, and screenshots from affected machines. We detect EvilGrab under the following malware families: BKDR_HGDER BKDR_EVILOGE BKDR_NVICM Looking into the feedback provided by the Smart…
Read More