StaryDobry ruins New Year’s Eve, delivering miner instead of presents
StaryDobry campaign targets gamers with XMRig miner
Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model. Continue reading Take my money: OCR crypto stealers in Google Play and App Store
How cyberattackers exploit group policies, what risks attacks like these pose, and what measures can be taken to protect against such threats. Continue reading One policy to rule them all
Kaspersky GReAT experts discovered a new campaign targeting Android devices in Malaysia and Brunei with the Tria stealer to collect data from apps like WhatsApp and Gmail. Continue reading No need to RSVP: a closer look at the Tria stealer campaign
Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor. Continue reading EAGERBEE, with updated and novel components, targets the Middle East
We analyze the latest activity by the Cloud Atlas gang. The attacks employ the PowerShower, VBShower and VBCloud modules to download victims’ data with various PowerShell scripts. Continue reading Cloud Atlas seen using a new tool in its attacks
While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”. Continue reading BellaCPP: Discovering a new BellaCiao variant written in C++
Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus. Continue reading Lazarus group evolves its infection chain with old and new malware