Check Point Blog

APT Attack In the Middle East: The Big Bang

Over the last few weeks, the Check Point Threat Intelligence Team discovered the comeback of an APT surveillance attack against institutions across the Middle East, specifically the Palestinian Authority. The attack begins with a phishing email sent to…

Research July 8, 2018

Deep Dive into UPAS Kit vs. Kronos

By Mark Lechtik. Introduction: In this post we will be analyzing the UPAS Kit and the Kronos banking Trojan, two pieces of malware that have come under the spotlight recently due to the back story behind them. Background: In May 2017, WannaCry wreaked havoc in ove…

Research June 12, 2018

Scriptable Remote Debugging with Windbg and IDA Pro

Required Background: Basic experience with virtual machines, i.e. creating a VM and installing an OS. The most technically involved it gets is setting up a working SSH server on one of the VMs that you can access from another machine. Familiarity with …

Research June 7, 2018

Banking Trojans Under Development

Although banks have taken measures to strengthen the security of their authentication processes, banker Trojans are still a popular tool for stealing users’ financial details and draining bank accounts. The Check Point Research tea…

Research June 6, 2018

Handling BSODs in Your Sandbox: A Useful Addition to Your Emulation Toolbox

In our malware laboratory sandbox, we emulate a large number of samples each day. These emulations provide a lot of useful information, such as IoCs (Indicators of Compromise), that we use to protect our customers. Usually, we expect to see a small num…

Research May 23, 2018

Remote Code Execution Vulnerability on LG Smartphones

Research by: Slava Makkaveev. Background: A few months ago, Check Point Research discovered two vulnerabilities that reside in the default keyboard on all mainstream LG smartphone models (termed by LG as ‘LGEIME’). These vulnerabilities are unique to LG …

Research May 8, 2018

Telegram: Cyber Crime’s Channel of Choice

Introduction: The Dark Web is a hive of illicit activity. From illegal guns and drug dealing to Ransomware-as-a-Service programs, buyers and sellers can use this medium to trade and exchange both knowledge and products. That is, of course, until the …

Research May 7, 2018

SiliVaccine: Inside North Korea’s Anti-Virus

By: Mark Lechtik and Michael Kajiloti. Revealed: In an exclusive piece of research, Check Point Researchers have carried out a revealing investigation into North Korea’s home-grown anti-virus software, SiliVaccine. One of several interesting factors is …

Research May 1, 2018

A Crypto Mining Operation Unmasked

Introduction: With the emerging threat of miners and the rise of cryptocurrencies that have taken the world by storm lately, Check Point Research has been keeping an eye out for mining campaigns. During our work into Monero miners, we stumbled upon seve…

Research April 29, 2018

MMap Vulnerabilities – Linux Kernel

By: Eyal Itkin. As part of our efforts in identifying vulnerabilities in different products, from time to time we also review the Linux Kernel, mainly searching for vulnerabilities in different drivers. In this case, we took a look into drivers trying t…

Research