Financial threats

Kaspersky assesses last year’s predictions for the financial threat landscape, and tries to anticipate crimeware trends for the coming year 2024.

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan.

The article analyzes the malicious tactics, techniques and procedures (TTP) used by the operator of the Cuba ransomware, and details a Cuba attack incident.

The smartphone malware statistics for Q2 2023 includes data for Android malware, adware, banking Trojans and ransomware.

Q2 2023 overview: targeted attacks such as Operation Triangulation, CloudWizard and Lazarus activity, Nokoyawa ransomware, and others.

In September of 2022, multiple security news professionals wrote about and confirmed the leakage of a builder for Lockbit 3 ransomware. In this post we provide the analysis of the builder and recently discovered builds.

What Malware-as-a-Service includes, on what terms cybercriminals offer it, and what malware they most often distribute under this model

Kaspersky researchers share insight into multistage DoubleFinger loader attack delivering GreetingGhoul cryptocurrency stealer and Remcos RAT.

Recent BlueNoroff and Roaming Mantis activities, new APT related to the Russo-Ukrainian conflict, ChatGPT and threat intelligence, malvertising through search engines, cryptocurrency theft campaign and fake Tor browser

On the eve of the global Anti-Ransomware Day, Kaspersky researchers share an overview of the key trends observed among ransomware groups.

In early April, we detected a significant increase in attacks that use banking Trojans of the QBot family (aka QakBot, QuackBot, and Pinkslipbot). The malware would be delivered through e-mails that were based on real business letters the attackers had gotten access to.

This report shines a spotlight on the financial cyberthreat landscape in 2022. We look at phishing threats commonly encountered by users and companies, as well as the dynamics of various Windows and Android-based financial malware.

Clipboard injector malware targeting cryptocurrencies such as Bitcoin, Ethereum, Litecoin, Dogecoin and Monero, is distributed under the guise of Tor Browser.

Statistics on spam and phishing with the key trends in 2022: two-stage spear phishing, hijacking of social network and instant messaging accounts, import substitution, and survey phishing.

Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected device.