Incidents

Yet another Bofra variant

A new Bofra variant has been reported. We already detect it generically as “I-Worm.Bofra.gen”. The new variant has a distribution node located at the following URL:

http://kjh0.narod.ru/

Just like we did with previous Bofra variants, we are talking to narod.ru adminstrators to take the site offline ASAP.

Yet another Bofra variant

Your email address will not be published. Required fields are marked *

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Reports

Mysterious Elephant: a growing threat

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.