Results for pakistan

Threat Research

In-Depth Look at New Variant of MONSOON APT Backdoor, Part 1

Three weeks ago, FortiGuard Labs, along with @_ddoxer (Roland de la Paz), using VirusTotal Intelligence queries, spotted a document with the politically themed file name (Senate_panel.doc). This malicious RTF file takes advantage of the vulnerability CVE-2015-1641.

By Jasper Manuel and Artem Semenchenko April 05, 2017

Threat Research

In-Depth Look at New Variant of MONSOON APT Backdoor, Part 2

In part 1 of FortiGuard Labs’ analysis of a new variant of the BADNEWS backdoor, which is actively being used in the MONSOON APT campaign, we did a deep technical analysis of what this backdoor is capable of and how the bad guys control it using the command and control server. In this part of the analysis, we will try to discover who might be behind the distribution of these files.

By Jasper Manuel and Artem Semenchenko April 05, 2017