Check Point Blog

The Emergence of the New Azorult 3.3

Research by: Israel Gubi During the last week, Check Point Research spotted a new version of Azorult in the wild being delivered through the RIG exploit kit, as well as other sources. Azorult is a long known information stealer and malware downloader, …

Research October 17, 2018

Godzilla Loader and the Long Tail of Malware

Research by: Ben Herzog To most victims, malware is a force of nature. Zeus, Wannacry, Conficker are all vengeful gods, out to punish the common man for clicking the wrong link. Even for a security analyst, it’s easy to fall into the kind of thin…

Research October 14, 2018

Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware

In this part we show how to deal with obfuscated Windows API calls in Ngioweb malware using Labeless and x64dbg without reconstructing API-resolving algorithm. If you’re new to all this Labeless stuff, though, please refer to the previous articles in t…

Research October 3, 2018

Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm.

In this part we show how to decrypt strings present in the module of Boleto malware – without reconstructing the decryption algorithm. If you’re new to all this Labeless stuff though, please refer to the previous articles in this series as they will be…

Research

Labeless Part 4: Scripting

In this part of our Labeless series, we will discuss the theory behind Labeless scripting. If, however, you’re new to all this Labeless stuff, please refer to the previous articles in this series as they will be helpful in explaining on what’s going on…

Research

The ‘Gazorp’ Dark Web Azorult Builder

Research by: Nikita Fokin, Israel Gubi, Mark Lechtik On 17th September Check Point Research found a new online builder, dubbed ‘Gazorp’, hosted on the Dark Web. Gazorp is designed for building binaries of the popular malware, Azorult, an infostealer us…

Research September 27, 2018

Meet Black Rose Lucy, the Latest Russian MaaS Botnet

Research By: Feixiang He, Bogdan Melnykov, Andrey Polkovnichenko An organization needs to have a collaborative hiring process, advised Steve Jobs. Always a group to follow mainstream trends closely, in recent years we’ve seen cyber criminals take great…

Research September 13, 2018

Domestic Kitten: An Iranian Surveillance Operation

Chinese strategist Sun Tzu, Italian political philosopher Machiavelli and English philosopher Thomas Hobbes all justified deceit in war as a legitimate form of warfare. Preceding them all, however, were some in the Middle East who had already internali…

Research September 7, 2018

Ransom Warrior Decryption Tool

On August 8th, a new ransomware, dubbed ‘RansomWarrior’, was found by the Malware Hunter Team. Going by the ransom note shown to its victims, RansomWarrior seems to have been developed by Indian hackers, who would appear to also not be so e…

Research August 30, 2018

CeidPageLock: A Chinese RootKit

Research by: Israel Gubi Over the last few weeks, we have been observing a rootkit named CEIDPageLock being distributed by the RIG Exploit kit. The rootkit was first discovered by 360 Security Center a few months ago, when it was detected trying to tam…

Research August 28, 2018

1 2 3 … 13 Next »

Network

Cloud

Mobile

Endpoint

Security Management

Business Size

Topic

Industries

Support

Training

Services

Channel Partners

Technology Partners

Partner Portal

Resources

Downloads and Documentation

Cyber Security Insights