As researchers we interesting in developmental prototypes of malware that have had limited distribution or not even occurred in the wild. We recently came across one such sample: a macOS backdoor that we named Calisto. Read Full Article
IoT lottery: finding a perfectly secure connected device
Being enthusiastic shoppers just like many other people around the world, at Kaspersky Lab we are, however paranoid enough to look at any Internet of Things (IoT)-device with some concern, even when the price is favorable. So we randomly took several different connected devices and reviewed their security set up. Read Full Article
Dangerous liaisons
We took the most popular dating apps and analyzed what sort of user data they were capable of handing over to criminals and under what conditions. Read Full Article
Honeypots and the Internet of Things
According to Gartner, there are currently over 6 billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals. As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017. Read Full Article
SambaCry is coming
Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for *nix-based systems – EternalRed (aka SambaCry). On May 30th our honeypots captured the first attack to make use of this particular vulnerability, but the payload in this exploit had nothing in common with the Trojan-Crypt that was EternalBlue and WannaCry. Read Full Article
Mobile apps and stealing a connected car
The concept of a connected car, or a car equipped with Internet access, has been gaining popularity for the last several years. By using proprietary mobile apps, it is possible to get some useful features, but if a car thief were to gain access to the mobile device that belongs to a victim that has the app installed, then would car theft not become a mere trifle? Read Full Article
Good morning Android!
We encountered a gratuitous act of violence against Android users. By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q. Read Full Article
Attack on Zygote: a new twist in the evolution of mobile threats
Applications that gain root access to a mobile device without the user’s knowledge can provide access to much more advanced and dangerous malware, in particular, to Triada, the most sophisticated mobile Trojans we know. Read Full Article
The Ventir Trojan: assemble your MacOS spy
We got an interesting file for analysis a short while ago. It turned out to be a sample of modular malware for MacOS X. Read Full Article
Versatile DDoS Trojan for Linux
In February 2014, an article was published on a popular Russian IT website under a curious title – Studying the BillGates Linux Botnet. It described a Trojan with sufficiently versatile DDoS functionality. The capability that we found the most interesting… Read Full Article