Olympic Destroyer is still alive

In May-June 2018 we discovered new spear-phishing documents that closely resembled weaponized documents used by Olympic Destroyer in the past. This and other TTPs led us to believe that we were looking at the same actor again. However, this time the attacker has new targets.

no-image

A MitM extension for Chrome

Browser extensions make our lives easier: they hide obtrusive advertising, translate text, help us choose in online stores, etc. There are also less desirable extensions, including those that bombard us with advertising or collect information about our activities. These pale into insignificance, however, when compared to extensions whose main aim is to steal money. Read Full Article

no-image

Trojan watch

We continue to research how proliferation of IoT devices affects the daily lives of users and their information security. In our previous study, we touched upon ways of intercepting authentication data using single-board microcomputers. This time, we turned out attention to wearable devices: smartwatches and fitness trackers. Or more precisely, the accelerometers and gyroscopes inside them. Read Full Article

no-image

2018 Fraud World Cup

There are only two weeks to go before the start of the massive soccer event — FIFA World Cup. This championship has already attracted the attention of millions worldwide, including a fair few cybercriminals. Long before kick-off, email accounts began bulging with soccer-related spam, and scammers started exploiting the topic in mailings and creating World Cup-themed phishing pages. Read Full Article

no-image

Backdoors in D-Link’s backyard

If you want to make the world safer, start with the smart things in your home. Or, to be more specific, start with your router – the core of any home network as well as an interesting research object. And that router you got from your ISP as part of your internet contract is even more interesting when it comes to research. Read Full Article