Home > Resources > Whitepapers > EyeSpy - Iranian Spyware Delivered in VPN Installers

Virtual Desktop Tools, Virtual Desktop Strategies

EyeSpy - Iranian Spyware Delivered in VPN Installers

October 12, 2022

eyespy-iranian-spyware
During routine analysis of detection performance, we noticed a batch of processes that respected the same pattern in the process names. These names begin with sys, win or lib followed by a word that describes the functionality, such as bus, crt, temp, cache, init, and end in 32.exe. We later noticed that the .bat files and the downloaded payloads respect the same naming convention. Further investigation revealed the components are part of a monitoring application called SecondEye, developed in Iran and distributed legitimately via the developer’s website. We also found that some spyware components were already described in an article published by Blackpoint [1]. In the article, researchers drew attention to the dangers of legally distributed monitoring software with malicious behavior

I'm For Real

Enter your details once to access all our information and resources

Spotlight

Electric Cloud

Electric Cloud powers Continuous Delivery. We help organizations developing mobile, embedded systems and enterprise web/IT applications deliver better software faster by automating and accelerating build, test, and deployment processes at scale. Industry leaders like Qualcomm, SpaceX, Cisco, GE, Gap, and E*TRADE use Electric Cloud solutions and services to boost DevOps productivity and Agile throughput. For more information, visit www.electric-cloud.com.

OTHER WHITEPAPERS
news image

Virtual Desktop Infrastructure for the Financial Services Industry

whitePaper | July 12, 2022

This Dell Technologies Validated Design Technical White Paper describes technical considerations and best practices for the deployment of Dell Technologies virtual desktop infrastructure (VDI) in Financial Services Industry (FSI) applications. The document gives particular attention to the design of configurations for different financial user profiles, including the front office or branch worker, the knowledge worker, the developer, and the financial trader.

Read More
news image

HP Print and Scan Devices Supported in Citrix Virtual Apps and Virtual Desktops Environments

whitePaper | May 3, 2022

These tests were run to determine how HP printers and their associated printer drivers performed using the standard printer and printer-related features tests that Citrix uses to test its Virtual Apps server and client software.

Read More
news image

NSX-T Data Center Installation Guide - VMware NSX-T Data Center 2.4

whitePaper | February 28, 2020

In the same way that server virtualization programmatically creates and manages virtual machines, NSXT Data Center network virtualization programmatically creates and managed software-based virtual networks. With network virtualization, the functional equivalent of a network hypervisor reproduces the complete set of Layer 2 through Layer 7 networking services (for example, switching, routing, access control, firewalling, QoS) in software. As a result, these services can be programmatically assembled in any arbitrary combination, to produce unique, isolated virtual networks in a matter of seconds.

Read More
news image

Avoiding The 9 Common Hazards Of App And Desktop Virtualization

whitePaper | June 4, 2021

VDI can change the way IT delivers desktops and apps to users—yet the success of an IT project path has many potential hazards along the way. These hazards can stop IT at any stage of a VDI deployment, from initial planning to the rollout of production systems.

Read More
news image

Achieving pervasive security above and below the OS

whitePaper | October 3, 2022

Keeping business data secure is a challenging task, complicated by the proliferation of endpoints operating outside of the organizational network and the constant evolution of threat vectors

Read More
news image

Zero Trust Maturity Model

whitePaper | June 13, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Read More

Virtual Desktop Infrastructure for the Financial Services Industry

whitePaper | July 12, 2022

This Dell Technologies Validated Design Technical White Paper describes technical considerations and best practices for the deployment of Dell Technologies virtual desktop infrastructure (VDI) in Financial Services Industry (FSI) applications. The document gives particular attention to the design of configurations for different financial user profiles, including the front office or branch worker, the knowledge worker, the developer, and the financial trader.

Read More

HP Print and Scan Devices Supported in Citrix Virtual Apps and Virtual Desktops Environments

whitePaper | May 3, 2022

These tests were run to determine how HP printers and their associated printer drivers performed using the standard printer and printer-related features tests that Citrix uses to test its Virtual Apps server and client software.

Read More

NSX-T Data Center Installation Guide - VMware NSX-T Data Center 2.4

whitePaper | February 28, 2020

In the same way that server virtualization programmatically creates and manages virtual machines, NSXT Data Center network virtualization programmatically creates and managed software-based virtual networks. With network virtualization, the functional equivalent of a network hypervisor reproduces the complete set of Layer 2 through Layer 7 networking services (for example, switching, routing, access control, firewalling, QoS) in software. As a result, these services can be programmatically assembled in any arbitrary combination, to produce unique, isolated virtual networks in a matter of seconds.

Read More

Avoiding The 9 Common Hazards Of App And Desktop Virtualization

whitePaper | June 4, 2021

VDI can change the way IT delivers desktops and apps to users—yet the success of an IT project path has many potential hazards along the way. These hazards can stop IT at any stage of a VDI deployment, from initial planning to the rollout of production systems.

Read More

Achieving pervasive security above and below the OS

whitePaper | October 3, 2022

Keeping business data secure is a challenging task, complicated by the proliferation of endpoints operating outside of the organizational network and the constant evolution of threat vectors

Read More

Zero Trust Maturity Model

whitePaper | June 13, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) leads the nation’s effort to understand, manage, and reduce cybersecurity risk, including by supporting Federal Civilian Executive Branch agencies in evolving and operationalizing cybersecurity programs and capabilities. CISA’s Zero Trust Maturity Model (ZTMM) provides an approach to achieve continued modernization efforts related to zero trust within a rapidly evolving environment and technology landscape. This ZTMM is one of many paths that an organization can take in designing and implementing their transition plan to zero trust architectures in accordance with Executive Order (EO) 14028 “Improving the Nation’s Cybersecurity” § (3)(b)(ii),1 which requires that agencies develop a plan to implement a Zero Trust Architecture (ZTA). While the ZTMM is specifically tailored for federal agencies as required by EO 14028, all organizations should review and consider adoption of the approaches outlined in this document.

Read More
More Whitepapers

Spotlight

Electric Cloud

Electric Cloud powers Continuous Delivery. We help organizations developing mobile, embedded systems and enterprise web/IT applications deliver better software faster by automating and accelerating build, test, and deployment processes at scale. Industry leaders like Qualcomm, SpaceX, Cisco, GE, Gap, and E*TRADE use Electric Cloud solutions and services to boost DevOps productivity and Agile throughput. For more information, visit www.electric-cloud.com.

Events