crimeware – WindowsTechs.com

Сrimeware and financial cyberthreats in 2025

Posted on November 14, 2024 by GReAT

Kaspersky’s GReAT looks back on the 2024 predictions about financial and crimeware threats, and explores potential cybercrime trends for 2025. Continue reading Сrimeware and financial cyberthreats in 2025→

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

Posted on November 6, 2024 by Kirill Korchemny

Kaspersky experts have discovered a new SteelFox Trojan that mimics popular software like Foxit PDF Editor and JetBrains to spread a stealer-and-miner bundle. Continue reading New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency→

Grandoreiro, the global trojan with grandiose ambitions

Posted on October 22, 2024 by GReAT

In this report, Kaspersky experts analyze recent Grandoreiro campaigns, new targets, tricks, and banking trojan versions. Continue reading Grandoreiro, the global trojan with grandiose ambitions→

Stealer here, stealer there, stealers everywhere!

Posted on October 21, 2024 by GReAT

Kaspersky researchers investigated a number of stealer attacks over the past year, and they are now sharing some details on the new Kral stealer, recent AMOS version and Vidar delivering ACR stealer. Continue reading Stealer here, stealer there, stealers everywhere!→

Whispers from the Dark Web Cave. Cyberthreats in the Middle East

Posted on October 14, 2024 by Vera Kholopova, Kaspersky Security Services

The Kaspersky Digital Footprint Intelligence team shares insights into the H1 2024 Middle Eastern cyberthreat landscape: hacktivism, initial access brokers, ransomware, stealers, and so on. Continue reading Whispers from the Dark Web Cave. Cyberthreats in the Middle East→

-=TWELVE=- is back

Posted on September 20, 2024 by Kaspersky

Analysis of Twelve’s activities using the Unified Kill Chain method: from initial access to deployment of LockBit- and Chaos-based ransomware and wipers. Continue reading -=TWELVE=- is back→

Exotic SambaSpy is now dancing with Italian users

Posted on September 18, 2024 by GReAT

Kaspersky researchers detected a campaign exclusively targeting Italian users by delivering a new RAT dubbed SambaSpy Continue reading Exotic SambaSpy is now dancing with Italian users→

Mallox ransomware: in-depth analysis and evolution

Posted on September 4, 2024 by Fedor Sinitsyn, Yanis Zinchenko

In this report, we provide an in-depth analysis of the Mallox ransomware, its evolution, ransom strategy, encryption scheme, etc. Continue reading Mallox ransomware: in-depth analysis and evolution→

Head Mare: adventures of a unicorn in Russia and Belarus

Posted on September 2, 2024 by Kaspersky

Analysis of the hacktivist group Head Mare targeting companies in Russia and Belarus: exploitation of WinRAR vulnerability, custom tools PhantomDL and PhantomCore. Continue reading Head Mare: adventures of a unicorn in Russia and Belarus→

Stealers, stealers and more stealers

Posted on May 22, 2024 by GReAT

In this report, we discuss two new stealers: Acrid and ScarletStealer, and an evolution of the known Sys01 stealer, with the latter two dividing stealer functionality across several modules. Continue reading Stealers, stealers and more stealers→