In this report, Kaspersky researchers discuss propagation methods of several ransomware families, and a vulnerable driver abuse case that may become a trend.

Reports

This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.

In the second part of this report, we discuss improvements made to the LODEINFO backdoor shellcode in 2022.

The first part of this report will provide technical analysis of the new infection methods such as SFX files and DOWNIISSA, a new downloader shellcode used to deploy the LODEINFO backdoor.

In this report we provide technical analysis of the GamePlayerFramework deployed by an APT we call DiceyF, which is targeting online casinos in Southeast Asia.

Malware reports

Crimeware trends: self-propagation and driver exploitation

IT threat evolution in Q3 2022. Non-mobile statistics

IT threat evolution in Q3 2022. Mobile statistics

IT threat evolution Q3 2022

A look at the 2020–2022 ATM/PoS malware landscape

Uncommon infection and malware propagation methods

IT threat evolution in Q2 2022. Mobile statistics

IT threat evolution in Q2 2022. Non-mobile statistics

IT threat evolution Q2 2022

IT threat evolution in Q1 2022. Mobile statistics

IT threat evolution Q1 2022

IT threat evolution in Q1 2022. Non-mobile statistics

Mobile malware evolution 2021

IT threat evolution in Q3 2021. Mobile statistics

IT threat evolution Q3 2021

Congratulations, you’ve won! The reality behind online lotteries

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

Subscribe

Reports

APT trends report Q3 2022

APT10: Tracking down LODEINFO 2022, part II

APT10: Tracking down LODEINFO 2022, part I

DiceyF deploys GamePlayerFramework in online casino development studio

Subscribe to our weekly e-mails