MadProtect, not that mad

3 February 2016 Maciej Kotowicz

Some weeks ago we stumbled on a packer that our tools could not break. Surprisingly, this is actually not that common since most of the malware in the wild uses some sort of RunPE technique which is relatively trivial to break using simple memory tracing.

Banatrix successor – swapping acct numbers with a Firefox add-on

21 January 2016 malgorzatad

Our laboratory recently received a sample of malware used in attacks on Polish users of electronic banking. Analysis of this malware gave us reason to believe that it was written by the authors of Banatrix (which we discussed in greater detail in our earlier posts), Slave and the e-mail campaign (allegedly by Polish Post).

Sorry, but this post is not available in English

17 December 2015 piotrk

Dorkbot botnets disruption

4 December 2015 piotrk

Talking to Dridex (part 0) – inside the dropper

17 November 2015 Maciej Kotowicz

Sorry, but this post is not available in English

Łukasz Siewierski

Cyberspace Security System of the Republic of Poland

12 November 2015 piotrk