Malware Technologies – Page 9

Malvertising through search engines

Posted on March 9, 2023 by Victoria Vlasova, Haim Zigel, Ilya Tyunkin

Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamantys. Continue reading Malvertising through search engines→

The mobile malware threat landscape in 2022

Posted on February 27, 2023 by Tatyana Shishkova

Android threat report by Kaspersky for 2022: malware on Google Play and inside the Vidmate in-app store, mobile malware statistics. Continue reading The mobile malware threat landscape in 2022→

Prilex modification now targeting contactless credit card transactions

Posted on January 31, 2023 by GReAT

Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected device. Continue reading Prilex modification now targeting contactless credit card transactions→

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

Posted on January 19, 2023 by GReAT

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o. Continue reading Roaming Mantis implements new DNS changer in its malicious mobile app in 2022→

BlueNoroff introduces new methods bypassing MoTW

Posted on December 27, 2022 by Seongsu Park

We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal. Continue reading BlueNoroff introduces new methods bypassing MoTW→

Ransomware and wiper signed with stolen certificates

Posted on December 22, 2022 by Mohamad Amin Hasbini

In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations. Continue reading Ransomware and wiper signed with stolen certificates→

DeathStalker targets legal entities with new Janicab variant

Posted on December 8, 2022 by GReAT

While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020. Continue reading DeathStalker targets legal entities with new Janicab variant→

If one sheep leaps over the ditch…

Posted on December 5, 2022 by GReAT

In this report, Kaspersky researchers discuss propagation methods of several ransomware families, and a vulnerable driver abuse case that may become a trend. Continue reading If one sheep leaps over the ditch…→

DTrack activity targeting Europe and Latin America

Posted on November 15, 2022 by Konstantin Zykov, Jornt van der Wiel

In recent campaigns DTrack targets organizations in Europe and Latin America, and uses more delivery stages. Continue reading DTrack activity targeting Europe and Latin America→

Server-side attacks, C&C in public clouds and other MDR cases we observed

Posted on November 2, 2022 by Sergey Soldatov

This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. We hope that it helps you to stay up to date on the modern threat landscape and to be better prepared for attacks. Continue reading Server-side attacks, C&C in public clouds and other MDR cases we observed→