July 12, 2017 - There is a growing trend among malware authors to incorporate legitimate applications in their malicious package. This time, we encountered a malware downloading a legitimate ffmpeg.
July 6, 2017 - Get more background on the EternalPetya ransomware. Learn about its origin, attribution, decryption, and the methods of infection and propagation.
June 30, 2017 - Since 27th June we've been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since the day one, various contradicting theories started popping up. In this post, we will try to fill this gap, by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).
June 29, 2017 - The latest Petya seems to be broken on purpose: the victims' keys are lost forever.
June 8, 2017 - LatentBot is a multi-modular Trojan written in Delphi and known to have been around since 2013. Recently, we captured and dissected a sample distributed by RIG Exploit Kit.