Malware Descriptions – Page 2

Key Group: another ransomware group using leaked builders

Posted on October 1, 2024 by Kaspersky

Kaspersky experts studied the activity of Key Group, which utilizes publicly available builders for ransomware and wipers, as well as GitHub and Telegram. Continue reading Key Group: another ransomware group using leaked builders→

From 12 to 21: how we discovered connections between the Twelve and BlackJack groups

Posted on September 25, 2024 by Kaspersky

An investigation of BlackJack’s software, TTPs, and motivations led Kaspersky experts to identify a possible connection with the Twelve group. Continue reading From 12 to 21: how we discovered connections between the Twelve and BlackJack groups→

How the Necro Trojan infiltrated Google Play, again

Posted on September 23, 2024 by Dmitry Kalinin

Kaspersky experts have discovered a new version of the Necro Trojan, which has attacked tens of thousands of Android devices through Google Play and Spotify and WhatsApp mods. Continue reading How the Necro Trojan infiltrated Google Play, again→

-=TWELVE=- is back

Posted on September 20, 2024 by Kaspersky

Analysis of Twelve’s activities using the Unified Kill Chain method: from initial access to deployment of LockBit- and Chaos-based ransomware and wipers. Continue reading -=TWELVE=- is back→

Exotic SambaSpy is now dancing with Italian users

Posted on September 18, 2024 by GReAT

Kaspersky researchers detected a campaign exclusively targeting Italian users by delivering a new RAT dubbed SambaSpy Continue reading Exotic SambaSpy is now dancing with Italian users→

Loki: a new private agent for the popular Mythic framework

Posted on September 9, 2024 by Artem Ushkov

Kaspersky experts have discovered a new version of the Loki agent for the open-source Mythic framework, which uses DLLs to attack Russian companies. Continue reading Loki: a new private agent for the popular Mythic framework→

Tropic Trooper spies on government entities in the Middle East

Posted on September 5, 2024 by Sherif Magdy

Kaspersky experts found a new variant of the China Chopper web shell from the Tropic Trooper group that imitates an Umbraco CMS module and targets a government entity in the Middle East. Continue reading Tropic Trooper spies on government entities in the Middle East→

Mallox ransomware: in-depth analysis and evolution

Posted on September 4, 2024 by Fedor Sinitsyn, Yanis Zinchenko

In this report, we provide an in-depth analysis of the Mallox ransomware, its evolution, ransom strategy, encryption scheme, etc. Continue reading Mallox ransomware: in-depth analysis and evolution→

IT threat evolution in Q2 2024. Non-mobile statistics

Posted on September 3, 2024 by AMR

This report presents statistics on PC threats for Q2 2024, including data on ransomware, miners, threats to macOS and IoT devices. Continue reading IT threat evolution in Q2 2024. Non-mobile statistics→

IT threat evolution Q2 2024

Posted on September 3, 2024 by David Emm

In this report, Kaspersky researchers explore the most significant attacks of Q2 2024 that used a XZ backdoor, the LockBit builder, ShrinkLocker ransomware, etc. Continue reading IT threat evolution Q2 2024→