Take my money: OCR crypto stealers in Google Play and App Store

Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model.

No need to RSVP: a closer look at the Tria stealer campaign

Kaspersky GReAT experts discovered a new campaign targeting Android devices in Malaysia and Brunei with the Tria stealer to collect data from apps like WhatsApp and Gmail.

EAGERBEE, with updated and novel components, targets the Middle East

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

Cloud Atlas seen using a new tool in its attacks

We analyze the latest activity by the Cloud Atlas gang. The attacks employ the PowerShower, VBShower and VBCloud modules to download victims’ data with various PowerShell scripts.

Lazarus group evolves its infection chain with old and new malware

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.