
Named & shamed!

StopBadware.org, launched in January by Harvard University’s Berkman Centre and the Oxford Internet Institute, is designed to put pressure on purveyors of ‘badware’ programs by ‘naming and shaming’ them. ‘Badware’, according to the organization’s site, is ‘malicious software that tracks your moves online and feeds that information back to shady marketing groups so that they can ambush you with targeted ads’. The project is supported by Google, Sun and Lenovo.

StopBadware.org positions itself as ‘a “Neighbourhood Watch” campaign aimed at fighting badware.’ The project will ‘seek to provide reliable, objective information about downloadable applications in order to help consumers make better choices about what they download onto their computers.’ It also ‘aim[s] to become a central clearinghouse for research on badware and…[those] who spread it, and become a focal point for developing collaborative, community-minded approaches to stopping badware.’

Yesterday StopBadware.org issued its first reports, naming and shaming Kazaa, MediaPipe, SpyAxe and Screensaver.com as applications that ‘contain annoying or objectionable behaviors’.
