Financial threats

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data.

Here’s how scams target buyers and sellers on online message boards, and how the gangs behind them operate.

As Anti-Ransomware Day approaches, Kaspersky shares insights into the ransomware threat landscape and trends in 2023, and recent anti-ransomware activities by governments and law enforcement.

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware.

We review the new mobile Trojan banker SoumniBot, which exploits bugs in the Android manifest parser to dodge analysis and detection.

We will delve into the workings of the infection chain and explore the capabilities of the new Trojan that specifically targets users of more than 60 banking institutions, mainly from Brazil.

An overview of last year’s predictions for corporate and dark web threats and our predictions for 2024.

Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.

Kaspersky assesses last year’s predictions for the financial threat landscape, and tries to anticipate crimeware trends for the coming year 2024.

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan.

The article analyzes the malicious tactics, techniques and procedures (TTP) used by the operator of the Cuba ransomware, and details a Cuba attack incident.

The smartphone malware statistics for Q2 2023 includes data for Android malware, adware, banking Trojans and ransomware.

Q2 2023 overview: targeted attacks such as Operation Triangulation, CloudWizard and Lazarus activity, Nokoyawa ransomware, and others.

In September of 2022, multiple security news professionals wrote about and confirmed the leakage of a builder for Lockbit 3 ransomware. In this post we provide the analysis of the builder and recently discovered builds.