More than six years have passed since the banking Trojan Emotet was first detected. During this time it has repeatedly mutated, changed direction, acquired partners, picked up modules, and generally been the cause of high-profile incidents and multimillion-dollar losses. Read Full Article
Kaspersky solutions blocked 1,416,295,227 attacks launched from online resources across the globe. Ransomware attacks were defeated on the computers of 121,579 unique users. Read Full Article
MATA framework, Garmin attack, Operation PowerFall, DeathStalker group and other events of 2020. Read Full Article
As protection methods improve, the developers of miners have had to enhance their own creations, often turning to non-trivial solutions. Several such solutions (previously unseen by us) were detected during our analysis of the open source miner XMRig. Read Full Article
In 2019, on VirusTotal, we encountered a curious piece of Android spyware which, when analyzed, seemed connected to GravityRAT. The cybercriminals had added a spy module to Travel Mate, an Android app for travelers to India, the source code of which is available on Github. Read Full Article
During the second quarter Kaspersky solutions blocked 899,744,810 attacks launched from online resources across the globe, as many as 286,229,445 unique URLs triggered Web Anti-Virus components. Read Full Article
While we already described the exploit for Internet Explorer in the original blog post about Operation PowerFall, we also promised to share more details about the elevation of privilege exploit. Let’s take a look at vulnerability CVE-2020-0986. Read Full Article
Kaspersky prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits. Read Full Article
Exploit kits still play a role in today’s threat landscape and continue to evolve. For this blogpost I studied and analyzed the evolution of one of the most sophisticated exploit kits out there – Magnitude EK – for a whole year. Read Full Article
Back in October 2019 we detected a classic watering-hole attack that exploited a chain of Google Chrome and Microsoft Windows zero-days. In this blog post we’d like to take a deep technical dive into the attack. Read Full Article