Windows Malware – Page 2 – WindowsTechs.com

IT threat evolution Q3 2024

Posted on November 29, 2024 by David Emm

In this part of the malware report we discuss the most remarkable findings of Q3 2024, including APT and hacktivist attacks, ransomware, stealers, macOS malware and so on. Continue reading IT threat evolution Q3 2024→

Analysis of Elpaco: a Mimic variant

Posted on November 26, 2024 by Cristian Souza, Timofey Ezhov, Eduardo Ovalle, Ashley Muñoz

Kaspersky experts describe an Elpaco ransomware sample, a Mimic variant, which abuses the Everything search system for Windows and provides custom features via a GUI. Continue reading Analysis of Elpaco: a Mimic variant→

Scammer Black Friday offers: Online shopping threats and dark web sales

Posted on November 19, 2024 by Kaspersky

Kaspersky experts share their insights into cyberthreats that face online shoppers in 2024: phishing, banking trojans, fake shopping apps and Black Friday sales on the dark web data market. Continue reading Scammer Black Friday offers: Online shopping threats and dark web sales→

Ymir: new stealthy ransomware in the wild

Posted on November 11, 2024 by Cristian Souza, Ashley Muñoz, Eduardo Ovalle

Kaspersky GERT experts have discovered in Colombia new Ymir ransomware, which uses RustyStealer for initial access and the qTox client for communication with its victims. Continue reading Ymir: new stealthy ransomware in the wild→

QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns

Posted on November 8, 2024 by Saurabh Sharma

Kaspersky shares details on QSC modular cyberespionage framework, which appears to be linked to CloudComputating group campaigns. Continue reading QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns→

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

Posted on November 6, 2024 by Kirill Korchemny

Kaspersky experts have discovered a new SteelFox Trojan that mimics popular software like Foxit PDF Editor and JetBrains to spread a stealer-and-miner bundle. Continue reading New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency→

Lumma/Amadey: fake CAPTCHAs want to know if you’re human

Posted on October 29, 2024 by Vasily Kolesnikov

Malicious CAPTCHA distributed through ad networks delivers the Amadey Trojan or the Lumma stealer, which pilfers data from browsers, password managers, and crypto wallets. Continue reading Lumma/Amadey: fake CAPTCHAs want to know if you’re human→

Stealer here, stealer there, stealers everywhere!

Posted on October 21, 2024 by GReAT

Kaspersky researchers investigated a number of stealer attacks over the past year, and they are now sharing some details on the new Kral stealer, recent AMOS version and Vidar delivering ACR stealer. Continue reading Stealer here, stealer there, stealers everywhere!→

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia

Posted on October 18, 2024 by Kaspersky

A close look at the utilities, techniques, and infrastructure used by the hacktivist group Crypt Ghouls has revealed links to groups such as Twelve, BlackJack, etc. Continue reading Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia→

Awaken Likho is awake: new techniques of an APT group

Posted on October 7, 2024 by Kaspersky

Kaspersky experts have discovered a new version of the APT Awaken Likho RAT Trojan, which uses AutoIt scripts and the MeshCentral system to target Russian organizations. Continue reading Awaken Likho is awake: new techniques of an APT group→