Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations

Kaspersky experts analyze attacks by C.A.S, a cybergang that uses uncommon remote access Trojans and posts data about victims in public Telegram channels. Continue reading Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Attackers are sending malicious scripts that download the Remote Manipulator System (RMS) build, known as BurnsRAT, and NetSupport RAT Continue reading Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

IT threat evolution Q3 2024

In this part of the malware report we discuss the most remarkable findings of Q3 2024, including APT and hacktivist attacks, ransomware, stealers, macOS malware and so on. Continue reading IT threat evolution Q3 2024

IT threat evolution Q3 2024

In this part of the malware report we discuss the most remarkable findings of Q3 2024, including APT and hacktivist attacks, ransomware, stealers, macOS malware and so on. Continue reading IT threat evolution Q3 2024

Key Group: another ransomware group using leaked builders

Kaspersky experts studied the activity of Key Group, which utilizes publicly available builders for ransomware and wipers, as well as GitHub and Telegram. Continue reading Key Group: another ransomware group using leaked builders

IT threat evolution Q1 2024

In this report, we review the most significant malware-related events of Q1 2024: the disclosure of the hardware vulnerability used in Operation Triangulation, a lightweight method to detect iOS malware and DinodasRAT Linux implant. Continue reading IT threat evolution Q1 2024

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities. Continue reading Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

FakeSG campaign, Akira ransomware and AMOS macOS stealer

In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. Continue reading FakeSG campaign, Akira ransomware and AMOS macOS stealer