Author Archives: GReAT

FakeSG campaign, Akira ransomware and AMOS macOS stealer

Posted on December 13, 2023 by GReAT

In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. Continue reading FakeSG campaign, Akira ransomware and AMOS macOS stealer→

Advanced threat predictions for 2024

Posted on November 14, 2023 by GReAT

Kaspersky researchers review APT predictions for 2023 and current trends in the advanced threat landscape, and try to predict how it will develop in 2024. Continue reading Advanced threat predictions for 2024→

Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware

Posted on October 24, 2023 by GReAT

In this report, we share our latest crimeware findings: GoPIX targeting PIX payment system; Lumar stealing files and passwords; Rhysida ransomware supporting old Windows. Continue reading Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware→

APT trends report Q3 2023

Posted on October 17, 2023 by GReAT

TetrisPhantom targets government entities in APAC, APT BadRory attacks multiple entities in Russia, new malicious campaign uses well-known Owowa, IIS backdoor and other significant events during Q3 2023 Continue reading APT trends report Q3 2023→

A hack in hand is worth two in the bush

Posted on October 16, 2023 by GReAT

We analyzed the data published by Cyber Av3ngers and found it to be sourced from older leaks by another hacktivist group called Moses Staff. Continue reading A hack in hand is worth two in the bush→

A cryptor, a stealer and a banking trojan

Posted on September 28, 2023 by GReAT

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan. Continue reading A cryptor, a stealer and a banking trojan→

What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot

Posted on August 3, 2023 by GReAT

In this report, we share our recent crimeware findings: the new DarkGate loader, new LokiBot campaign and new Emotet version delivered via OneNote. Continue reading What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot→

APT trends report Q2 2023

Posted on July 27, 2023 by GReAT

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023. Continue reading APT trends report Q2 2023→

Andariel’s silly mistakes and a new malware family

Posted on June 28, 2023 by GReAT

In this crimeware report, Kaspersky researchers provide insights into Andariel’s activity targeting organizations: clumsy commands executed manually, off-the-shelf tools and EasyRat malware. Continue reading Andariel’s silly mistakes and a new malware family→

LockBit Green and phishing that targets organizations

Posted on June 22, 2023 by GReAT

In this crimeware report, Kaspersky researchers provide insights into the Conti-based LockBit Green variant, ransomware samples for macOS, FreeBSD, etc. and phishing campaigns targeting organizations. Continue reading LockBit Green and phishing that targets organizations→