Malware Technologies – Page 2

How the Necro Trojan infiltrated Google Play, again

Posted on September 23, 2024 by Dmitry Kalinin

Kaspersky experts have discovered a new version of the Necro Trojan, which has attacked tens of thousands of Android devices through Google Play and Spotify and WhatsApp mods. Continue reading How the Necro Trojan infiltrated Google Play, again→

Exotic SambaSpy is now dancing with Italian users

Posted on September 18, 2024 by GReAT

Kaspersky researchers detected a campaign exclusively targeting Italian users by delivering a new RAT dubbed SambaSpy Continue reading Exotic SambaSpy is now dancing with Italian users→

Loki: a new private agent for the popular Mythic framework

Posted on September 9, 2024 by Artem Ushkov

Kaspersky experts have discovered a new version of the Loki agent for the open-source Mythic framework, which uses DLLs to attack Russian companies. Continue reading Loki: a new private agent for the popular Mythic framework→

Tropic Trooper spies on government entities in the Middle East

Posted on September 5, 2024 by Sherif Magdy

Kaspersky experts found a new variant of the China Chopper web shell from the Tropic Trooper group that imitates an Umbraco CMS module and targets a government entity in the Middle East. Continue reading Tropic Trooper spies on government entities in the Middle East→

Mallox ransomware: in-depth analysis and evolution

Posted on September 4, 2024 by Fedor Sinitsyn, Yanis Zinchenko

In this report, we provide an in-depth analysis of the Mallox ransomware, its evolution, ransom strategy, encryption scheme, etc. Continue reading Mallox ransomware: in-depth analysis and evolution→

IT threat evolution in Q2 2024. Non-mobile statistics

Posted on September 3, 2024 by AMR

This report presents statistics on PC threats for Q2 2024, including data on ransomware, miners, threats to macOS and IoT devices. Continue reading IT threat evolution in Q2 2024. Non-mobile statistics→

IT threat evolution Q2 2024

Posted on September 3, 2024 by David Emm

In this report, Kaspersky researchers explore the most significant attacks of Q2 2024 that used a XZ backdoor, the LockBit builder, ShrinkLocker ransomware, etc. Continue reading IT threat evolution Q2 2024→

HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat

Posted on August 27, 2024 by Sergey Puzan

Kaspersky experts discovered a macOS version of the HZ Rat backdoor, which collects user data from WeChat and DingTalk messengers. Continue reading HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat→

Tusk: unraveling a complex infostealer campaign

Posted on August 15, 2024 by Elsayed Elrefaei, AbdulRhman Alfaifi

Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. Continue reading Tusk: unraveling a complex infostealer campaign→

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Posted on August 14, 2024 by GReAT

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools. Continue reading EastWind campaign: new CloudSorcerer attacks on government organizations in Russia→