Cabir, the star of the show

Tomorrow will be the last day of CeBIT and everyone’s extremely busy. We still found the time to visit the Physikalisch-Technische Bundesanstalt (the national meteorology institute providing scientific and technical services) in Braunschweig together with a German TV crew.

And why did we go there? Although the room may look like a big recording studio, the spikes on the wall aren’t to ensure clean sound, but to disperse all radio waves inside the room. Additionally, the metal plated walls and floor create a Faraday cage, making sure that all waves stay inside the room. In short, it’s a perfect location for mobile malware testing.

This gave us the opportunity to show the cameras just how Cabir, the first known smartphone virus, spreads. There are only a few known cases of Cabir infections in the wild in Germany, but everyone in the room understood that mobile malware is a real threat.

The chances of getting infected in your home country may be low. But there are other regions – like parts of Asia – where Cabir is more widespread. And that’s why we never tire of repeating the security professionals mantra: never install a program on your mobile phone if you’re not sure where it came from, and if you don’t need Bluetooth, turn it off! Even (or perhaps especially) at CeBIT.

Cabir, the star of the show

Your email address will not be published.



The SessionManager IIS backdoor

In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

APT ToddyCat

ToddyCat is a relatively new APT actor responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’.

WinDealer dealing on the side

We have discovered that malware dubbed WinDealer, spread by Chinese-speaking APT actor LuoYu, has an ability to perform intrusions through a man-on-the-side attack.

APT trends report Q1 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022.

Subscribe to our weekly e-mails

The hottest research right in your inbox