Malware Descriptions – Page 3

HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat

Posted on August 27, 2024 by Sergey Puzan

Kaspersky experts discovered a macOS version of the HZ Rat backdoor, which collects user data from WeChat and DingTalk messengers. Continue reading HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat→

Tusk: unraveling a complex infostealer campaign

Posted on August 15, 2024 by Elsayed Elrefaei, AbdulRhman Alfaifi

Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. Continue reading Tusk: unraveling a complex infostealer campaign→

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Posted on August 14, 2024 by GReAT

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools. Continue reading EastWind campaign: new CloudSorcerer attacks on government organizations in Russia→

LianSpy: new Android spyware targeting Russian users

Posted on August 5, 2024 by Dmitry Kalinin

Previously unknown spyware LianSpy targets Android devices by exploiting root privileges to steal data and leveraging Yandex Disk cloud service as C2. Continue reading LianSpy: new Android spyware targeting Russian users→

How “professional” ransomware variants boost cybercrime groups

Posted on August 1, 2024 by GReAT

Kaspersky researchers investigated three ransomware groups that tapped newly built malware samples based on Babuk, Lockbit, Chaos and others, while lacking professional resources. Continue reading How “professional” ransomware variants boost cybercrime groups→

Mandrake spyware sneaks onto Google Play again, flying under the radar for two years

Posted on July 29, 2024 by Tatyana Shishkova, Igor Golovin

Mandrake spyware threat actors resume attacks with new functionality targeting Android devices while being publicly available on Google Play. Continue reading Mandrake spyware sneaks onto Google Play again, flying under the radar for two years→

XZ backdoor: Hook analysis

Posted on June 24, 2024 by Anderson Leite, Sergey Belov

In this article, we analyze XZ backdoor behavior inside OpenSSH, after it has achieved RSA-related function hook. Continue reading XZ backdoor: Hook analysis→

IT threat evolution in Q1 2024. Mobile statistics

Posted on June 3, 2024 by Anton Kivva

Mobile malware statistics for Q1 2024: most common threats for Android, mobile banking Trojans, and ransomware Trojans. Continue reading IT threat evolution in Q1 2024. Mobile statistics→

IT threat evolution Q1 2024

Posted on June 3, 2024 by David Emm

In this report, we review the most significant malware-related events of Q1 2024: the disclosure of the hardware vulnerability used in Operation Triangulation, a lightweight method to detect iOS malware and DinodasRAT Linux implant. Continue reading IT threat evolution Q1 2024→

IT threat evolution in Q1 2024. Non-mobile statistics

Posted on June 3, 2024 by AMR

In this report, Kaspersky shares non-mobile malware statistics for Q1 2024, including ransomware, miner and macOS malware statistics. Continue reading IT threat evolution in Q1 2024. Non-mobile statistics→