Threat Category: Windows malware | Page 5

The Ducktail malware, designed to hijack Facebook business and ads accounts, sends marketing professionals fake ads for jobs with major clothing manufacturers.

Gaming-related threat landscape in 2023: desktop and mobile malware disguised as Minecraft, Roblox and other popular games, and the most widespread phishing schemes.

In this report, we share our latest crimeware findings: GoPIX targeting PIX payment system; Lumar stealing files and passwords; Rhysida ransomware supporting old Windows.

Cybercriminals attack government, law enforcement, non-profit organizations, agricultural and commercial companies by slipping a cryptominer, keylogger, and backdoor into their systems.

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan.

The article analyzes the malicious tactics, techniques and procedures (TTP) used by the operator of the Cuba ransomware, and details a Cuba attack incident.

PC malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.

In September of 2022, multiple security news professionals wrote about and confirmed the leakage of a builder for Lockbit 3 ransomware. In this post we provide the analysis of the builder and recently discovered builds.

In this report, we share our recent crimeware findings: the new DarkGate loader, new LokiBot campaign and new Emotet version delivered via OneNote.

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.

In this crimeware report, Kaspersky researchers provide insights into Andariel’s activity targeting organizations: clumsy commands executed manually, off-the-shelf tools and EasyRat malware.

This report contains statistics on cybersecurity threats to small and medium-sized businesses in 2023, and examples of cyberattacks on SMBs.

In this crimeware report, Kaspersky researchers provide insights into the Conti-based LockBit Green variant, ransomware samples for macOS, FreeBSD, etc. and phishing campaigns targeting organizations.

What Malware-as-a-Service includes, on what terms cybercriminals offer it, and what malware they most often distribute under this model

Kaspersky researchers share insight into multistage DoubleFinger loader attack delivering GreetingGhoul cryptocurrency stealer and Remcos RAT.

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Windows malware

Ducktail fashion week

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware

Money-making scripts attack organizations

A cryptor, a stealer and a banking trojan

From Caribbean shores to your devices: analyzing Cuba ransomware

IT threat evolution in Q2 2023. Non-mobile statistics

Lockbit leak, research opportunities on tools leaked from TAs

What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot

APT trends report Q2 2023

Andariel’s silly mistakes and a new malware family

How cybercrime is impacting SMBs in 2023

LockBit Green and phishing that targets organizations

Understanding Malware-as-a-Service

Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails