Statistics on spam and phishing with the key trends in 2021: investment scams, fake streaming websites, theft of corporate credentials and COVID-19.

Reports

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022.

We recently discovered a Trojanized DeFi application that was compiled in November 2021. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a full-featured backdoor.

At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.

It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income.

Spam and phishing reports

Spam and phishing in 2021

Spam and phishing in Q3 2021

Spam and phishing in Q2 2021

Spam and phishing in Q1 2021

Spam and phishing in 2020

Spam and phishing in Q3 2020

Spam and phishing in Q2 2020

Spam and phishing in Q1 2020

Spam and phishing in 2019

Spam and phishing in Q3 2019

Spam and phishing in Q2 2019

Spam and phishing in Q1 2019

Spam and phishing in 2018

Spam and phishing in Q3 2018

Spam and phishing in Q2 2018

Congratulations, you’ve won! The reality behind online lotteries

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

Subscribe

Reports

APT trends report Q1 2022

Lazarus Trojanized DeFi app for delivering malware

MoonBounce: the dark side of UEFI firmware

The BlueNoroff cryptocurrency hunt is still on

Subscribe to our weekly e-mails