Threat Category: Web threats

Kaspersky experts review last year’s predictions on consumer cyberthreats and try to anticipate the trends for 2024.

As Black Friday approaches, Kaspersky analyzes phishing and spam activity around major sales events, and reviews statistics on online shopping threats in 2023.

We look at how user data privacy is handled by large language model-based chatbots: ChatGPT, Microsoft Bing, Google Bard, Anthropic Claude, You.com, and Bing.

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan.

IoT threats: how devices get hacked, what malware is uploaded, and what services are on offer on the dark web in 2023.

PC malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

Recent BlueNoroff and Roaming Mantis activities, new APT related to the Russo-Ukrainian conflict, ChatGPT and threat intelligence, malvertising through search engines, cryptocurrency theft campaign and fake Tor browser

A recent campaign by Satacom downloader is delivering a cryptocurrency-stealing extension for Chromium-based browsers, such as Chrome, Brave and Opera.

Kaspersky researchers discuss infection methods used by Mirai-based RapperBot, Rhadamantys stealer, and CUEMiner: smart brute forcing, malvertising, and distribution through BitTorrent and OneDrive.

How deals and arrangements are made on the dark web, what parties are involved, what escrow services and arbitration are and how these affect the security of deals.

Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver stealers, such as RedLine and Rhadamantys.

In H2 2022, the percentage of ICS computers on which malicious objects were blocked increased by 3.5 percentage points compared to the previous six-month period, reaching 34.3%.

Statistics on spam and phishing with the key trends in 2022: two-stage spear phishing, hijacking of social network and instant messaging accounts, import substitution, and survey phishing.

Explaining web beacons (web bugs, spy or tracking pixels), what companies use these on websites and in e-mail, how and why.

Kaspersky’s predictions about the threats to corporations in 2023: media blackmail, fake leaks, cloud attacks, and more advanced ransomware.

Reports

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

Web threats

Consumer cyberthreats: predictions for 2024

The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season

ChatGPT at work: how chatbots help employees, but threaten business

A cryptor, a stealer and a banking trojan

Overview of IoT threats in 2023

IT threat evolution in Q2 2023. Non-mobile statistics

IT threat evolution Q1 2023

Satacom delivers browser extension that steals cryptocurrency

Uncommon infection methods—part 2

Business on the dark web: deals and regulatory mechanisms

Malvertising through search engines

Threat landscape for industrial automation systems for H2 2022

Spam and phishing in 2022

Web beacons on websites and in e-mail

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

Reports

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

A cascade of compromise: unveiling Lazarus’ new campaign

How to catch a wild triangle

Subscribe to our weekly e-mails