Home > Resources > Whitepapers > EyeSpy - Iranian Spyware Delivered in VPN Installers

Virtual Desktop Tools, Virtual Desktop Strategies

EyeSpy - Iranian Spyware Delivered in VPN Installers

October 12, 2022

eyespy-iranian-spyware
During routine analysis of detection performance, we noticed a batch of processes that respected the same pattern in the process names. These names begin with sys, win or lib followed by a word that describes the functionality, such as bus, crt, temp, cache, init, and end in 32.exe. We later noticed that the .bat files and the downloaded payloads respect the same naming convention. Further investigation revealed the components are part of a monitoring application called SecondEye, developed in Iran and distributed legitimately via the developer’s website. We also found that some spyware components were already described in an article published by Blackpoint [1]. In the article, researchers drew attention to the dangers of legally distributed monitoring software with malicious behavior

I'm For Real

Enter your details once to access all our information and resources

 

Spotlight

Intercomputer

nterComputer’s InterOperating System (IC IOS) delivers the ultimate in safety, security, privacy, and SOX/GLB/HIPAA/PCI compliance for electronic messaging and payments. The IC IOS employs multiple layers of patented security protections, including our unique Microburst TunnelTM technology, to provide unprecedented fraud and man-in-the-middle attack prevention. Our AuthoriTreeTM technology delivers both corporate and individual electronic identity

OTHER WHITEPAPERS
news image

Versa SD-WAN Solution Use Case for Satellite ISPs

whitePaper | July 19, 2022

Satellite networks offer their customers several advantages over other types of connectivity. They are easily deployed, reliable, and allow a wide degree of mobility, making them a perfect fit for Disaster Recovery Plans (DRP). They are an essential asset in places where other connectivity methods are not available, such as oil rigs, vessels, or even planes. However, they have several characteristics that make them harder to manage when compared to other kinds of networks. This document will discuss those challenges and explore how the Versa Operating System (VOS™) can help you extract better performance out of your Satellite links.

Read More
news image

Powering the Internet of Things with End-to-End Battery Testing

whitePaper | January 17, 2023

Technology is advancing rapidly, transforming many aspects of society, including how we communicate, navigate, and treat diseases. The Internet of Things (IoT) is growing rapidly as there are more electronics than ever to run accurate diagnostics, more sensors to increase autonomy, and better connectivity to avoid interference. Plus, the miniaturization of semiconductor components and advancement in electronic display technologies enables consumer electronic (CE) devices to become compact.

Read More
news image

Four Adoption and Change Management Best Practices for Organizations Migrating from Citrix to VMware

whitePaper | September 13, 2022

Organizations that replace their existing Citrix desktop and application virtualization platform do so for various reasons. Some want to augment their technical feature set, such as acquiring advanced image and app management functionalities, and others might be looking to offer their remote workforce a better experience for all applications. Another motivation for many to migrate to a different vendor is to gain a secure, integrated digital workspace platform that offers flexibility and the advantage of unified endpoint management

Read More
news image

Threat detection and response in cloud environments

whitePaper | June 7, 2022

Cloud environments change fundamental assumptions in how to perform threat detection and response. The highly dynamic inventory of cloud workloads means systems come and go in seconds. When system configuration errors are introduced during a build, they can be exacerbated and amplified when automation replicates the errors across many workloads. Shared responsibility with the cloud service provider (CSP) creates potential threat detection gaps in the attack lifecycle.

Read More
news image

IPsec VPN User Guide

whitePaper | September 15, 2022

For each VPN tunnel, both AH and ESP tunnel sessions are installed on Services Processing Units (SPUs) and the control plane. Tunnel sessions are updated with the 7 protocol on is completed. For SRX5400, SRX5600, and SRX5800 devices, tunnel sessions on anchor SPUs are updated with the protocol while non-anchor SPUs retain ESP and AH tunnel sessions. ESP and AH tunnel sessions are displayed in the outputs.

Read More
news image

VMware Multi-Cloud Adoption Framework

whitePaper | July 22, 2022

Moving to cloud requires a proactive, thoughtful strategy an approach that explores opportunities for value in new areas of the business; improves current capabilities and processes to drive down costs and respond faster to changing customer demands; and establishes a prescriptive path that enables IT to serve as a strategic partner to the business and its customers.

Read More

Versa SD-WAN Solution Use Case for Satellite ISPs

whitePaper | July 19, 2022

Satellite networks offer their customers several advantages over other types of connectivity. They are easily deployed, reliable, and allow a wide degree of mobility, making them a perfect fit for Disaster Recovery Plans (DRP). They are an essential asset in places where other connectivity methods are not available, such as oil rigs, vessels, or even planes. However, they have several characteristics that make them harder to manage when compared to other kinds of networks. This document will discuss those challenges and explore how the Versa Operating System (VOS™) can help you extract better performance out of your Satellite links.

Read More

Powering the Internet of Things with End-to-End Battery Testing

whitePaper | January 17, 2023

Technology is advancing rapidly, transforming many aspects of society, including how we communicate, navigate, and treat diseases. The Internet of Things (IoT) is growing rapidly as there are more electronics than ever to run accurate diagnostics, more sensors to increase autonomy, and better connectivity to avoid interference. Plus, the miniaturization of semiconductor components and advancement in electronic display technologies enables consumer electronic (CE) devices to become compact.

Read More

Four Adoption and Change Management Best Practices for Organizations Migrating from Citrix to VMware

whitePaper | September 13, 2022

Organizations that replace their existing Citrix desktop and application virtualization platform do so for various reasons. Some want to augment their technical feature set, such as acquiring advanced image and app management functionalities, and others might be looking to offer their remote workforce a better experience for all applications. Another motivation for many to migrate to a different vendor is to gain a secure, integrated digital workspace platform that offers flexibility and the advantage of unified endpoint management

Read More

Threat detection and response in cloud environments

whitePaper | June 7, 2022

Cloud environments change fundamental assumptions in how to perform threat detection and response. The highly dynamic inventory of cloud workloads means systems come and go in seconds. When system configuration errors are introduced during a build, they can be exacerbated and amplified when automation replicates the errors across many workloads. Shared responsibility with the cloud service provider (CSP) creates potential threat detection gaps in the attack lifecycle.

Read More

IPsec VPN User Guide

whitePaper | September 15, 2022

For each VPN tunnel, both AH and ESP tunnel sessions are installed on Services Processing Units (SPUs) and the control plane. Tunnel sessions are updated with the 7 protocol on is completed. For SRX5400, SRX5600, and SRX5800 devices, tunnel sessions on anchor SPUs are updated with the protocol while non-anchor SPUs retain ESP and AH tunnel sessions. ESP and AH tunnel sessions are displayed in the outputs.

Read More

VMware Multi-Cloud Adoption Framework

whitePaper | July 22, 2022

Moving to cloud requires a proactive, thoughtful strategy an approach that explores opportunities for value in new areas of the business; improves current capabilities and processes to drive down costs and respond faster to changing customer demands; and establishes a prescriptive path that enables IT to serve as a strategic partner to the business and its customers.

Read More
More Whitepapers

Spotlight

Intercomputer

nterComputer’s InterOperating System (IC IOS) delivers the ultimate in safety, security, privacy, and SOX/GLB/HIPAA/PCI compliance for electronic messaging and payments. The IC IOS employs multiple layers of patented security protections, including our unique Microburst TunnelTM technology, to provide unprecedented fraud and man-in-the-middle attack prevention. Our AuthoriTreeTM technology delivers both corporate and individual electronic identity

Events

SD-WAN & SASE Summit 2023

Conference