GReAT – WindowsTechs.com

Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution

Posted on October 15, 2025 by GReAT

A malware campaign was recently detected in Brazil, distributing a malicious LNK file using WhatsApp. It delivered a new Maverick banker, which features code overlaps with Coyote malware. Continue reading Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution→

GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia

Posted on July 17, 2025 by GReAT

In an incident response case in Asia, Kaspersky researchers discovered a new backdoor for Microsoft Exchange servers, based on open-source tools and dubbed “GhostContainer”. Continue reading GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia→

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

Posted on April 17, 2025 by GReAT

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia. Continue reading IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia→

APT trends report Q3 2024

Posted on November 28, 2024 by GReAT

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns. Continue reading APT trends report Q3 2024→

Сrimeware and financial cyberthreats in 2025

Posted on November 14, 2024 by GReAT

Kaspersky’s GReAT looks back on the 2024 predictions about financial and crimeware threats, and explores potential cybercrime trends for 2025. Continue reading Сrimeware and financial cyberthreats in 2025→

Grandoreiro, the global trojan with grandiose ambitions

Posted on October 22, 2024 by GReAT

In this report, Kaspersky experts analyze recent Grandoreiro campaigns, new targets, tricks, and banking trojan versions. Continue reading Grandoreiro, the global trojan with grandiose ambitions→

Stealer here, stealer there, stealers everywhere!

Posted on October 21, 2024 by GReAT

Kaspersky researchers investigated a number of stealer attacks over the past year, and they are now sharing some details on the new Kral stealer, recent AMOS version and Vidar delivering ACR stealer. Continue reading Stealer here, stealer there, stealers everywhere!→

Exotic SambaSpy is now dancing with Italian users

Posted on September 18, 2024 by GReAT

Kaspersky researchers detected a campaign exclusively targeting Italian users by delivering a new RAT dubbed SambaSpy Continue reading Exotic SambaSpy is now dancing with Italian users→

BlindEagle flying high in Latin America

Posted on August 19, 2024 by GReAT

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries. Continue reading BlindEagle flying high in Latin America→

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Posted on August 14, 2024 by GReAT

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools. Continue reading EastWind campaign: new CloudSorcerer attacks on government organizations in Russia→