Windows Malware – WindowsTechs.com

DCRat backdoor returns

Posted on March 11, 2025 by AMR

Kaspersky experts describe a new wave of attacks distributing the DCRat backdoor through YouTube under the guise of game cheats. Continue reading DCRat backdoor returns→

DCRat backdoor returns

Posted on March 11, 2025 by AMR

Kaspersky experts describe a new wave of attacks distributing the DCRat backdoor through YouTube under the guise of game cheats. Continue reading DCRat backdoor returns→

SideWinder targets the maritime and nuclear sectors with an updated toolset

Posted on March 10, 2025 by Giampaolo Dedola, Vasily Berdnikov

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors. Continue reading SideWinder targets the maritime and nuclear sectors with an updated toolset→

Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity

Posted on March 6, 2025 by

Kaspersky experts have discovered campaigns distributing stealers, malicious PowerShell scripts, and backdoors through web pages mimicking the DeepSeek and Grok websites. Continue reading Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity→

Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool

Posted on March 5, 2025 by Leonid Bezvershenko, dmitrypikush, Oleg Kupreev

Attackers blackmail YouTubers with complaints and account blocking threats, forcing them to distribute a miner disguised as a bypass tool. Continue reading Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool→

The SOC files: Chasing the web shell

Posted on February 28, 2025 by Domenico Caldarella

Kaspersky SOC analysts discuss a recent incident where the well-known Behinder web shell was used as a post-exploitation backdoor, showing how web shells have evolved. Continue reading The SOC files: Chasing the web shell→

Angry Likho: Old beasts in a new forest

Posted on February 21, 2025 by Kaspersky

Kaspersky experts analyze the Angry Likho APT group’s attacks, which use obfuscated AutoIt scripts and the Lumma stealer for data theft. Continue reading Angry Likho: Old beasts in a new forest→

StaryDobry ruins New Year’s Eve, delivering miner instead of presents

Posted on February 18, 2025 by Tatyana Shishkova, Kirill Korchemny

StaryDobry campaign targets gamers with XMRig miner Continue reading StaryDobry ruins New Year’s Eve, delivering miner instead of presents→

One policy to rule them all

Posted on January 31, 2025 by Gleb Ivanov

How cyberattackers exploit group policies, what risks attacks like these pose, and what measures can be taken to protect against such threats. Continue reading One policy to rule them all→

One policy to rule them all

Posted on January 31, 2025 by Gleb Ivanov

How cyberattackers exploit group policies, what risks attacks like these pose, and what measures can be taken to protect against such threats. Continue reading One policy to rule them all→