A Glimpse Behind “The Mask”

The world of APTs is a colorful place. In 2012, we uncovered Flame, a massive cyberespionage operation infiltrating computers in the Middle East. Our research indicated a connection with the well-known Stuxnet cyberweapon, designed to sabotage the Iranian nuclear program. In…

Winnti FAQ. More Than Just a Game

Today Kaspersky Lab’s team of experts published a detailed research report that analyzes a sustained cyberespionage campaign conducted by the cybercriminal organization known as Winnti. According to the report, the Winnti group has been attacking companies in the online video game…

The Winnti honeypot – luring intruders

During our research on the Winnti group we discovered a considerable number of Winnti samples targeting different gaming companies. Using this sophisticated malicious program, cybercriminals gained remote access to infected workstations and then carried out further activity manually.

New 64-bit Linux Rootkit Doing iFrame Injections

A few days ago, an interesting piece of Linux malware came up on the Full Disclosure mailing list. It’s an outstanding sample, not only because it targets 64-bit Linux platforms and uses advanced techniques to hide itself, but primarily because of its unusual functionality of infecting the websites hosted on the attacked HTTP server, and therefore working as part of a drive-by download scenario.
