Report an incident
Read in Polish Read in polish
  • About us
  • News
  • FAQ
  • Analyses
  • Publications
  • Contact
Tag #analysis
  • 02 October 2015 Łukasz Siewierski #analysis #android #app overlay #e-banking #GMBot #trojan

    GMBot: Android poor man’s “webinjects”

    Article thumbnail

    Recently, we obtained a sample of a new Android banking trojan, named GMBot, which tries to be self-contained (i.e. does not need Windows counterpart) and uses application overlay as a poor man’s webinjects substitute. This malware uses known and common techniques, but implements them in a way similar …

    Read more
  • 27 August 2015 Łukasz Siewierski #analysis #malware #smoke

    Smoke Loader poses as an Office plugin

    Article thumbnail

    Zaufana Trzecia Strona – a Polish security news portal – informed about a new attack on Polish user’s (link is in Polish) that used a Microsoft Office plugin install wizard as a decoy. In reality, the user not only installed the plugin, but also a malware called Smoke Loader. It allows …

    Read more
  • 06 May 2015 CERT Polska #analysis #botnet #dga #DNS

    DGA botnet domains: malicious usage of pseudo random domains

    Article thumbnail

    In the previous entry we showed examples of domains, which could be easily missclassified as DGA botnet domains. Most of them are machine generated and used in a non-malicious manner. In this entry, conversely, we will present examples of pseudo random domains, which could be used in attacks or be …

    Read more
  • 16 January 2015 CERT Polska #analysis #android #e-banking #malware

    iBanking is back in Poland

    Article thumbnail

    iBanking malware was already described on our blog in connection with the attacks targeting Polish e-banking users at the end of 2013. This malware posed as a mobile antivirus application, while in reality it was use to steal one time passwords that were sent via text message. The attack scenario …

    Read more
« 1 ... 2 3

The CERT Polska team operates within the structures of NASK (Research and Academic Computer Network) — a research institute which conducts scientific studies, operates the national .pl domain registry and provides advanced IT services.

Social media

Facebook Twitter GitHub

Contact

ul. Kolska 12, PL-01-045 Warsaw, Poland
tel.: +48 22 380 82 74
fax: +48 22 380 83 99
ePUAP: /NASK-Instytut/SkrytkaESP

E-mail: [email protected]
Incidents: [email protected]

Co-financed by the Connecting Europe Facility of The European Union
  • © 2023 NASK
  • Privacy policy
  • CSIRT GOV
  • CSIRT MON