While breaking down some samples of GuLoader, researchers found them to be related to another malware variant named DarkEyE Protector. The discovery was made during Check Point's ongoing study of the dropper GuLoader, which the researchers say is used in hundreds of attacks each day to deliver a wide variety of malware. Prior to CloudEyE's site going offline, Check Point analysts found information indicating the company had more than 5,000 customers and sold three monthly levels of service for $100, $200 and $750. "Code randomization, evasion techniques and payload encryption used in CloudEyE protect malware from being detected by many of the existing security products on the market," according to the Check Point Research report.
#Cloudeye crypter software
The message on the site states that CloudEyE sold legitimate security software but admits some users may have used the software for illegal purposes.Ĭheck Point Research analysts say CloudEyE operated for four years as a legally registered Italian company running a publicly available website.
The website of the firm, also known as CloudEyE, was taken down on June 10 and replaced with a message signed by a person who also had been spotted in darknet forums offering another malware strain called DarkEyE, according to the Check Point Research. See Also: Live Webinar | SaaS: The Gaping Hole in Your Disaster Recovery Plan Note currently posted on the CloudEyE website (Source: ISMG/Check Point Research)Īn Italian cybersecurity company, allegedly was a front for a criminal gang selling access to a GuLoader-related dropper Trojan known as CloudEyE, according to analysts at the security firm Check Point Research.
0 kommentar(er)
