Collaborate Disseminate
The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity. Continue reading APT trends report Q2 2024
Kaspersky researchers investigated three ransomware groups that tapped newly built malware samples based on Babuk, Lockbit, Chaos and others, while lacking professional resources. Continue reading How “professional” ransomware variants boost cybercrime groups
In this report, we discuss two new stealers: Acrid and ScarletStealer, and an evolution of the known Sys01 stealer, with the latter two dividing stealer functionality across several modules. Continue reading Stealers, stealers and more stealers
The report features the most significant developments relating to APT groups in Q1 2024, including the new malware campaigns DuneQuixote and Durian, and hacktivist activity. Continue reading APT trends report Q1 2024
In this article we analyze social engineering aspects of the XZ backdoor incident. Namely pressuring the XZ maintainer to pass on the project to Jia Cheong Tan, and then urging major downstream maintainers to commit the backdoored code to their projects. Continue reading Assessing the Y, and How, of the XZ Utils incident
New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go. Continue reading DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware
Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process. Continue reading XZ backdoor story – Initial analysis
In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking Trojan. Continue reading Android malware, Android malware and more Android malware
In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking Trojan. Continue reading Android malware, Android malware and more Android malware
We will delve into the workings of the infection chain and explore the capabilities of the new Trojan that specifically targets users of more than 60 banking institutions, mainly from Brazil. Continue reading Coyote: A multi-stage banking Trojan abusing the Squirrel installer