Threat Category: Mobile threats | Page 2

In this report, Kaspersky shares statistics on stalkerware detections, as well as insights into the impact of digital stalking in 2023 and the beginning of 2024, and advice for those affected.

This report details statistics and key trends associated with mobile malware: Google Play Trojans, malicious messaging app mods, and others.

Analyzing Shutdown.log file as a lightweight method to detect indicators of infection with sophisticated iOS malware such as Pegasus, Reign and Predator.

Mobile threat statistics for Q3 2023 include data on malware, adware, banking Trojans and ransomware for Android devices.

Attacks on a critical infrastructure target in South Africa, supply-chain attack on Linux machines, Telegram doppelganger used to target people in China.

Gaming-related threat landscape in 2023: desktop and mobile malware disguised as Minecraft, Roblox and other popular games, and the most widespread phishing schemes.

A WhatsApp mod with a built-in spy module has been spreading through Arabic and Azeri Telegram channels since August 2023.

In this report Kaspersky shares insights into the validation components used in Operation Triangulation, TriangleDB implant post-compromise activity, as well as details of some additional modules.

Spyware Telegram mod in Uighur and Chinese spreads through Google Play stealing messages and other user data.

The smartphone malware statistics for Q2 2023 includes data for Android malware, adware, banking Trojans and ransomware.

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.

The smartphone threat statistics for Q1 2023 includes data for Android malware, adware, banking Trojans and ransomware.

While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.

The new Trojan family, Fleckpe, spreads via Google Play inside photo editors and wallpapers, subscribing the unaware user to paid services.

Kaspersky research into dark web offers related to Android malware and its distribution via Google Play: hacked app developer accounts, malicious loaders, etc.

Reports

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Kaspersky researchers analyze 2019, 2022 and 2024 attacks attributed to Careto APT with medium to high confidence.

Mobile threats

The State of Stalkerware in 2023–2024

The mobile malware threat landscape in 2023

A lightweight method to detect potential iOS malware

IT threat evolution in Q3 2023. Mobile statistics

IT threat evolution Q3 2023

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users

The outstanding stealth of Operation Triangulation

Evil Telegram doppelganger attacks Chinese users

IT threat evolution in Q2 2023. Mobile statistics

APT trends report Q2 2023

IT threat evolution Q1 2023. Mobile statistics

Operation Triangulation: iOS devices targeted with previously unknown malware

Not quite an Easter egg: a new family of Trojan subscribers on Google Play

Overview of Google Play threats sold on the dark web

Reports

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Careto is back: what’s new after 10 years of silence?

Subscribe to our weekly e-mails