
Malware evolution: January – July 2007
This half-year report examines changes in malware compared with to the second half of 2006.
In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.
Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.
While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.
Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.