New GPCode

26 Jan 2006

minute read

Authors

Denis Nazarov

We’ve got another version of GPCode. We’re currently looking at the encryption algorithms, and we’ll get back to you with the full story in the near future.

Authors

Denis Nazarov

New GPCode

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Posts

Latest Webinars

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

New GPCode

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Induc, the innovative file infector

2+2=89?

An inventive approach

New file infector for Win64

Blackmailer: the story of Gpcode

The game is over: when “free” comes at too high a price. What we know about RenEngine

Deep analysis of the flaw in BetterBank reward logic

Post-exploitation framework now also delivered via npm

Massive npm infection: the Shai-Hulud worm and patient zero

The SOC files: Rumble in the jungle or APT41’s new target in Africa

Latest Posts

The Notepad++ supply chain attack — unnoticed execution chains and new IoCs

Supply chain attack on eScan antivirus: detecting and remediating malicious updates

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Latest Webinars

Signal in the noise. What 2025 hacktivism reveals about the modern threat landscape

Kaspersky Security Bulletin 2025: Decoding the finance sector threats

State of AI in cybersecurity: AI trends & predictions for 2026

KSB: Kaspersky ICS CERT trends and predictions for 2026

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails