Darkhotel’s attacks in 2015

In 2015, many of Darkhotel’s techniques and activities remain in use. However, in addition to new variants of malicious .hta, we find new victims, .rar attachments with RTLO spearphishing, and the deployment of a 0day from Hacking Team. Read Full Article

The Darkhotel APT

For the past seven years, a strong threat actor named Darkhotel, also known as Tapaoux, has carried out a number of successful attacks against a wide range of victims from around the world. It employs methods and techniques which go well beyond typical cybercriminal behavior. Read Full Article

“El Machete”

“Machete” is a targeted attack campaign with Spanish speaking roots. Most of the victims are located in Venezuela, Ecuador, Colombia, Peru, Russia, Cuba, and Spain. Targets include high-level profiles, including intelligence services, military, embassies and government institutions. Read Full Article

A Glimpse Behind “The Mask”

The world of APTs is a colorful place. In 2012, we uncovered Flame, a massive cyberespionage operation infiltrating computers in the Middle East. Our research indicated a connection with the wellknown Stuxnet cyberweapon, designed to sabotage the Iranian nuclear program.In… Read Full Article

Winnti FAQ. More Than Just a Game

Today Kaspersky Lab’s team of experts published a detailed research report that analyzes a sustained cyberespionage campaign conducted by the cybercriminal organization known as Winnti. According to report, the Winnti group has been attacking companies in the online video game… Read Full Article