In the field of information security, sandboxes are used to isolate an insecure external environment from a secure internal environment (or vice versa), to protect against the exploitation of vulnerabilities, and to analyze malicious code.
At Kaspersky Lab, we have several sandboxes, we will look at just one of them that was customized to serve the needs of a specific product and became the basis of Kaspersky Anti Targeted Attack Platform.
During the preparation of the “IT threat evolution Q2 2017rdquo; report I found several common Trojans that were stealing money from users using WAP-billing. We hadnrsquo;t seen any Trojans like this in a while, but several of them appeared out of nowhere. Most of them had been under development since the end of 2016 / the beginning of 2017, but their prevalence increased only in the second half of Q2 2017.
Therefore, I decided to take a closer look at these Trojans.