Malware

The Awakening of PoS Malware (or, has it really been dormant?)

by Verint Cyber Threat Intelligence Research Team

posted at May 7, 2019

The peak of activity of Point-of-Sale (PoS) malware was in late 2013 (with the disclosure of the notorious Target breach[1]), and over the course of 2014, when we witnessed the development and trade of new PoS malware strains. The vigorous discussions on hacking communities at the time, has led hackers to believe PoS malware would

Breaking Down Builder-encrypted RAT

by Nadav Lorber

posted at November 7, 2018

The emerging trend of Fully Undetectable (FUD) malware builders is not new to our research team. However, in light of the wide variety of techniques that the malware authors keep developing, it’s obvious that we will always encounter malicious code execution tricks that successfully bypass traditional anti-malware solutions. This blog post is actually a case

Threat Hunting with TPS to Reveal Undetected Malicious Activities

by Nadav Lorber

posted at October 25, 2018

One of the common concepts applied in threat hunting, is to define a hypothesis that will yield indicators/TTPs to follow, in order to discover malicious behavior that went under the radar. When using Verint’s Threat Protection System (TPS) for example, we can utilize predefined queries that aim to discover malicious indicators within the events’ raw

Discovery of a New Nymaim Malware Variant Employing Advanced Delivery, Obfuscation and Blacklisting methods

by Verint Research Lab

posted at October 27, 2016

Verint’s Cyber Research team has discovered an unknown variant of the Nymaim malware family, a group of threats that are also capable of downloading various malicious payloads onto the affected device, ranging from Ransomware to Banking Trojans. Background Nymaim is a malware family that was prevalent in 2013 but has recently reemerged on the threat landscape.