RAT Trojan – WindowsTechs.com

Key Group: another ransomware group using leaked builders

Posted on October 1, 2024 by Kaspersky

Kaspersky experts studied the activity of Key Group, which utilizes publicly available builders for ransomware and wipers, as well as GitHub and Telegram. Continue reading Key Group: another ransomware group using leaked builders→

IT threat evolution Q1 2024

Posted on June 3, 2024 by David Emm

In this report, we review the most significant malware-related events of Q1 2024: the disclosure of the hardware vulnerability used in Operation Triangulation, a lightweight method to detect iOS malware and DinodasRAT Linux implant. Continue reading IT threat evolution Q1 2024→

Android malware, Android malware and more Android malware

Posted on March 20, 2024 by GReAT

In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking Trojan. Continue reading Android malware, Android malware and more Android malware→

Android malware, Android malware and more Android malware

Posted on March 20, 2024 by GReAT

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

Posted on December 14, 2023 by Kaspersky GERT, GReAT

We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities. Continue reading Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol→

FakeSG campaign, Akira ransomware and AMOS macOS stealer

Posted on December 13, 2023 by GReAT

In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. Continue reading FakeSG campaign, Akira ransomware and AMOS macOS stealer→

APT trends report Q3 2023

Posted on October 17, 2023 by GReAT

TetrisPhantom targets government entities in APAC, APT BadRory attacks multiple entities in Russia, new malicious campaign uses well-known Owowa, IIS backdoor and other significant events during Q3 2023 Continue reading APT trends report Q3 2023→

Andariel’s silly mistakes and a new malware family

Posted on June 28, 2023 by GReAT

In this crimeware report, Kaspersky researchers provide insights into Andariel’s activity targeting organizations: clumsy commands executed manually, off-the-shelf tools and EasyRat malware. Continue reading Andariel’s silly mistakes and a new malware family→

Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency

Posted on June 12, 2023 by GReAT, Sergey Lozhkin

Kaspersky researchers share insight into multistage DoubleFinger loader attack delivering GreetingGhoul cryptocurrency stealer and Remcos RAT. Continue reading Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency→

Tomiris called, they want their Turla malware back

Posted on April 24, 2023 by Pierre Delcher, Ivan Kwiatkowski

We continued to track Tomiris as a separate threat actor over three new attack campaigns between 2021 and 2023, and our telemetry allowed us to shed light on the group. In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla. Continue reading Tomiris called, they want their Turla malware back→