Prevalent Threats Targeting Cuckoo Sandbox Detection and Our Mitigation

In this blog post, we will discuss the history of sandbox detection. We will then unveil the malware families that KTIS has observed from spear-phishing emails that attempt to bypass the user-mode API hook in order to evade sandbox detection. And finally, we will share the mitigation method we use to harden the Cuckoo sandbox against this bypass technique.

Article Link: https://blog.fortinet.com/2018/01/03/prevalent-threats-targeting-cuckoo-sandbox-detection-and-our-mitigation