Trojan-stealer – Page 2 – WindowsTechs.com

Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware

Posted on October 24, 2023 by GReAT

In this report, we share our latest crimeware findings: GoPIX targeting PIX payment system; Lumar stealing files and passwords; Rhysida ransomware supporting old Windows. Continue reading Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware→

A cryptor, a stealer and a banking trojan

Posted on September 28, 2023 by GReAT

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan. Continue reading A cryptor, a stealer and a banking trojan→

Free Download Manager backdoored – a possible supply chain attack on Linux machines

Posted on September 12, 2023 by Georgy Kucherin, Leonid Bezvershenko

Kaspersky researchers analyzed a Linux backdoor disguised as Free Download Manager software that remained under the radar for at least three years. Continue reading Free Download Manager backdoored – a possible supply chain attack on Linux machines→

What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot

Posted on August 3, 2023 by GReAT

In this report, we share our recent crimeware findings: the new DarkGate loader, new LokiBot campaign and new Emotet version delivered via OneNote. Continue reading What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot→

Understanding Malware-as-a-Service

Posted on June 15, 2023 by Kaspersky Security Services, Alexander Zabrovsky

What Malware-as-a-Service includes, on what terms cybercriminals offer it, and what malware they most often distribute under this model Continue reading Understanding Malware-as-a-Service→

Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency

Posted on June 12, 2023 by GReAT, Sergey Lozhkin

Kaspersky researchers share insight into multistage DoubleFinger loader attack delivering GreetingGhoul cryptocurrency stealer and Remcos RAT. Continue reading Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency→

Uncommon infection methods—part 2

Posted on April 13, 2023 by GReAT

Kaspersky researchers discuss infection methods used by Mirai-based RapperBot, Rhadamantys stealer, and CUEMiner: smart brute forcing, malvertising, and distribution through BitTorrent and OneDrive. Continue reading Uncommon infection methods—part 2→

Malvertising through search engines

Posted on March 9, 2023 by Victoria Vlasova, Haim Zigel, Ilya Tyunkin

Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamantys. Continue reading Malvertising through search engines→

Crimeware and financial cyberthreats in 2023

Posted on November 22, 2022 by Kaspersky

This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. Continue reading Crimeware and financial cyberthreats in 2023→

NullMixer: oodles of Trojans in a single dropper

Posted on September 26, 2022 by Haim Zigel, Oleg Kupreev, Artem Ushkov

NullMixer is a dropper delivering a number of Trojans, such as RedLine Stealer, SmokeLoader, Satacom, and others. Continue reading NullMixer: oodles of Trojans in a single dropper→