New blog: Browser Hijacking techniques -- when malware has different preferences than you
https://www.gdatasoftware.com/blog/2025/11/38298-learning-about-browser-hijacking
Steam game BlockBlasters downloads malware
written by Arvin Tan
#GDATATechblog @GDATA #GDATA
https://www.gdatasoftware.com/blog/2025/09/38265-steam-blockblasters-game-downloads-malware
Our technical deep-dive about AppSuite PDF Editor backdoor is out
https://www.gdatasoftware.com/blog/2025/08/38257-appsuite-pdf-editor-backdoor-analysis
#GDATA #GDATATechblog #AppSuite
New Blog: JustAskJacky -- AI brings back classical trojan horse malware
https://www.gdatasoftware.com/blog/2025/08/38247-justaskjacky-ai-trojan-horse-comeback
A colleague and I wrote an article about EvilConwi -- signed ConnectWise remote access software being abused as malware
#GDATATechblog
https://www.gdatasoftware.com/blog/2025/06/38218-connectwise-abuse-malware
I wrote how to use knowledge about .NET structures and streams for writing .NET Yara signatures.
E.g. IL code patterns, method signature definitions, GUIDs, compressed length
#GDATATechblog #100DaysOfYara
https://www.gdatasoftware.com/blog/2025/04/38145-yara-signatures-net-malware
Karsten Hahn and I took a closer look at the latest #BBTok .NET loaders. In my first article on the #GDATATechblog we describe how to deobfuscate Trammy.dll and share new details about the BBTok infection chain.
https://www.gdatasoftware.com/blog/2024/09/38039-bbtok-deobfuscating-net-loader