Malware Technologies – WindowsTechs.com

BellaCPP: Discovering a new BellaCiao variant written in C++

Posted on December 20, 2024 by Mert Degirmenci

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”. Continue reading BellaCPP: Discovering a new BellaCiao variant written in C++→

Lazarus group evolves its infection chain with old and new malware

Posted on December 19, 2024 by Vasily Berdnikov, Sojun Ryu

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus. Continue reading Lazarus group evolves its infection chain with old and new malware→

Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations

Posted on December 18, 2024 by Kaspersky

Kaspersky experts analyze attacks by C.A.S, a cybergang that uses uncommon remote access Trojans and posts data about victims in public Telegram channels. Continue reading Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations→

Download a banker to track your parcel

Posted on December 17, 2024 by Dmitry Kalinin

The Mamont banking trojan is spreading under the guise of a parcel-tracking app for fake stores claiming to offer goods at wholesale prices. Continue reading Download a banker to track your parcel→

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Posted on December 2, 2024 by Artem Ushkov

Attackers are sending malicious scripts that download the Remote Manipulator System (RMS) build, known as BurnsRAT, and NetSupport RAT Continue reading Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT→

IT threat evolution Q3 2024

Posted on November 29, 2024 by David Emm

In this part of the malware report we discuss the most remarkable findings of Q3 2024, including APT and hacktivist attacks, ransomware, stealers, macOS malware and so on. Continue reading IT threat evolution Q3 2024→

IT threat evolution Q3 2024

Posted on November 29, 2024 by David Emm

Analysis of Elpaco: a Mimic variant

Posted on November 26, 2024 by Cristian Souza, Timofey Ezhov, Eduardo Ovalle, Ashley Muñoz

Kaspersky experts describe an Elpaco ransomware sample, a Mimic variant, which abuses the Everything search system for Windows and provides custom features via a GUI. Continue reading Analysis of Elpaco: a Mimic variant→

Ymir: new stealthy ransomware in the wild

Posted on November 11, 2024 by Cristian Souza, Ashley Muñoz, Eduardo Ovalle

Kaspersky GERT experts have discovered in Colombia new Ymir ransomware, which uses RustyStealer for initial access and the qTox client for communication with its victims. Continue reading Ymir: new stealthy ransomware in the wild→

QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns

Posted on November 8, 2024 by Saurabh Sharma

Kaspersky shares details on QSC modular cyberespionage framework, which appears to be linked to CloudComputating group campaigns. Continue reading QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns→