RAT Trojan – WindowsTechs.com

Android malware, Android malware and more Android malware

Posted on March 20, 2024 by GReAT

In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking Trojan. Continue reading Android malware, Android malware and more Android malware→

Android malware, Android malware and more Android malware

Posted on March 20, 2024 by GReAT

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

Posted on December 14, 2023 by Kaspersky GERT, GReAT

We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities. Continue reading Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol→

FakeSG campaign, Akira ransomware and AMOS macOS stealer

Posted on December 13, 2023 by GReAT

In this report, we share our latest crimeware findings: FakeSG malware distribution campaign delivering NetSupport RAT, new Conti-like Akira ransomware and AMOS stealer for macOS. Continue reading FakeSG campaign, Akira ransomware and AMOS macOS stealer→

APT trends report Q3 2023

Posted on October 17, 2023 by GReAT

TetrisPhantom targets government entities in APAC, APT BadRory attacks multiple entities in Russia, new malicious campaign uses well-known Owowa, IIS backdoor and other significant events during Q3 2023 Continue reading APT trends report Q3 2023→

Andariel’s silly mistakes and a new malware family

Posted on June 28, 2023 by GReAT

In this crimeware report, Kaspersky researchers provide insights into Andariel’s activity targeting organizations: clumsy commands executed manually, off-the-shelf tools and EasyRat malware. Continue reading Andariel’s silly mistakes and a new malware family→

Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency

Posted on June 12, 2023 by GReAT, Sergey Lozhkin

Kaspersky researchers share insight into multistage DoubleFinger loader attack delivering GreetingGhoul cryptocurrency stealer and Remcos RAT. Continue reading Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency→

Tomiris called, they want their Turla malware back

Posted on April 24, 2023 by Pierre Delcher, Ivan Kwiatkowski

We continued to track Tomiris as a separate threat actor over three new attack campaigns between 2021 and 2023, and our telemetry allowed us to shed light on the group. In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla. Continue reading Tomiris called, they want their Turla malware back→

IT threat evolution Q3 2022

Posted on November 18, 2022 by David Emm

Recent APT campaigns, a sophisticated UEFI rootkit, new ransomware for Windows, Linux and ESXi, attacks on foreign and crypto-currency exchanges, and malicious packages in online code repositories. Continue reading IT threat evolution Q3 2022→

APT trends report Q3 2022

Posted on November 1, 2022 by GReAT

This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022. Continue reading APT trends report Q3 2022→