A NEW TYPE OF MALWARE FOUND IN THE WILD CALLED SMALLB
Sceptive found a new malware family called SmallB during an incident investigation. After initial analysis, we detected C&C servers for the malware but could not find any major clue about the whereabouts or origins of the attackers. Following our contact with the service providers and the financial corporations and banks that the malware targeted, we observed that the C&C servers went down immediately without a trace.
The main targets are mostly Eastern European and Turkish financial institutions, including stock brokerage firms and commercial banks. SmallB uses various methods of injection into login pages to bypass two-factor authentication, retrieve confidential information and gain access to account pages.
We observed that the attackers were using zero-day exploits such as CVE-2015-3113 and CVE-2016-1001 for Adobe Flash Player and CVE-2016-0034 for Silverlight on the server side to install SmallB on victims' machines. SmallB also uses RDP protocol attacks to transfer itself from one victim to another, and copies itself to shared folders and other drives so that it is run incidentally by other victims.
More details and the malware binaries will be published after we finish the whole investigation.