Check Point Blog

Research August 7, 2018

FakesApp: A Vulnerability in WhatsApp

Research By: Dikla Barda, Roman Zaikin and Oded Vanunu

As of early 2018, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groups and 65 billion messages sent every day. With so much chatter, the poten...

Research August 5, 2018

Ramnit’s Network of Proxy Servers

Research By: Alexey Bukhteyev

As you may know, Ramnit is one of the most prominent banking malware families in existence today, and lately Check Point Research monitored a new massive campaign of Ramnit, dubbed ‘Black’, reaching over 100,000 infections ...

Research July 31, 2018

Osiris: An Enhanced Banking Trojan

Research By: Yaroslav Harakhavik and Nikita Fokin

Following our recent analysis of the Kronos banking Trojan, we discovered that Kronos has also now been enhanced to hide its communication with its C&C server using Tor. While the author of Kronos conti...

Research July 30, 2018

A Malvertising Campaign of Secrets and Lies

Check Point Research has uncovered a large Malvertising campaign that starts with thousands of compromised WordPress websites, involves multiple parties in the online advertising chain and ends with distributing malicious content, via multiple Exploit ...

Research July 24, 2018

Emotet: The Tricky Trojan that ‘Git Clones’

The Emotet Trojan downloader originally debuted in 2014 as a banking Trojan that took an unusual approach to stealing banking credentials: instead of hooking per-browser functions in the victim’s web browser process, Emotet directly hooked networ...

Research July 12, 2018

GlanceLove: Spying Under the Cover of the World Cup

When the whistle of the first match of the 2018 World Cup blew, it didn’t just signal the start of an exciting tournament for football fans worldwide, but also gave the green light for threat actors to exploit this much anticipated event for their own ...

Research July 8, 2018

APT Attack In the Middle East: The Big Bang

Over the last few weeks, the Check Point Threat Intelligence Team discovered the comeback of an APT surveillance attack against institutions across the Middle East, specifically the Palestinian Authority. The attack begins with a phishing email sent to...

Research June 12, 2018

Deep Dive into UPAS Kit vs. Kronos

By Mark Lechtik

Introduction: In this post we will be analyzing the UPAS Kit and the Kronos banking Trojan, two malwares that have come under the spotlight recently due to the back story behind them. Background: In May 2017, WannaCry wreaked havoc in ove...

Research June 7, 2018

Scriptable Remote Debugging with Windbg and IDA Pro

Required Background: Basic experience with virtual machines, i.e. creating a VM and installing an OS. The most technically involved it gets is setting up a working SSH server on one of the VMs that you can access from another machine. Familiarity with ...

Research June 6, 2018

Banking Trojans Under Development

Although banks themselves have taken measures to strengthen the security of their authentication processes, banking Trojans are still a popular tool for stealing users’ financial details and draining bank accounts. The Check Point Research tea...
