According to Kaspersky Security Network, in Q1 2022 516,617 mobile malware installation packages were detected, of which 53,947 packages were related to mobile banking trojans, and 1,942 packages were mobile ransomware trojans.

Reports

In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

ToddyCat is a relatively new APT actor responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’.

We have discovered that malware dubbed WinDealer, spread by Chinese-speaking APT actor LuoYu, has an ability to perform intrusions through a man-on-the-side attack.

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022.

Malware reports

IT threat evolution in Q1 2022. Mobile statistics

IT threat evolution Q1 2022

IT threat evolution in Q1 2022. Non-mobile statistics

Mobile malware evolution 2021

IT threat evolution in Q3 2021. Mobile statistics

IT threat evolution Q3 2021

IT threat evolution in Q3 2021. PC statistics

IT threat evolution Q2 2021

IT threat evolution in Q2 2021. Mobile statistics

IT threat evolution in Q2 2021. PC statistics

IT threat evolution Q1 2021

IT threat evolution Q1 2021. Mobile statistics

IT threat evolution Q1 2021. Non-mobile statistics

Ransomware by the numbers: Reassessing the threat’s global impact

Mobile malware evolution 2020

Congratulations, you’ve won! The reality behind online lotteries

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

Subscribe

Reports

The SessionManager IIS backdoor

APT ToddyCat

WinDealer dealing on the side

APT trends report Q1 2022

Subscribe to our weekly e-mails