Loncom packer: from backdoors to Cobalt Strike

by Anton Kuzmenko
2 Apr 2020 at 10:00am
After the previous story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the campaign was packed with the same packer, which we named Trojan-Dropper.NSIS.Loncom.

Holy water: ongoing targeted water-holing attack in Asia

by Ivan Kwiatkowski
31 Mar 2020 at 10:00am
On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings.

iOS exploit chain deploys LightSpy feature-rich malware

by Alexey Firsh
26 Mar 2020 at 5:32pm
A watering hole was discovered on January 10, 2020 utilizing a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy. The site appears to have been designed to target users in Hong Kong based on the content of the landing page.

WildPressure targets industrial-related entities in the Middle East

by Denis Legezo
24 Mar 2020 at 10:00am
Kaspersky discovered a malicious campaign distributing a fully fledged C++ Trojan that we call Milum. All the victims we registered were organizations from the Middle East. At least some of them are related to the industrial sector.

Hunting APTs with YARA

by Costin Raiu
18 Mar 2020 at 4:16pm
If you have wondered how to leverage YARA better and how to achieve a new level of knowledge in APT detection, mitigation and response, we can help a bit with a preview of the secret ingredients.

MonitorMinor: vicious stalkerware?

by Victor Chebyshev
16 Mar 2020 at 10:00am
The other day, our Android traps ensnared an interesting specimen of software that can be used for stalking. On closer inspection, we found that this app outstrips all existing software of its class in terms of functionality.

Cookiethief: a cookie-stealing Trojan for Android

by Anton Kivva
12 Mar 2020 at 10:00am
We recently discovered a new strain of Android malware. Trojan-Spy.AndroidOS.Cookiethief turned out to be quite simple. Its main task was to acquire root rights on the victim device, and transfer cookies used by the browser and Facebook app to the cybercriminals' server.

Mokes and Buerak distributed under the guise of security certificates

by AMR
5 Mar 2020 at 10:00am
We recently discovered a new approach to the well-known technique of distributing malware: visitors to infected sites were informed that some kind of security certificate had expired.

Roaming Mantis, part V

by Suguru Ishimaru
27 Feb 2020 at 2:00pm
Kaspersky has continued to track the Roaming Mantis campaign. The group's attack methods have improved and new targets are continuously added in order to steal more funds.

Mobile malware evolution 2019

by Victor Chebyshev
25 Feb 2020 at 10:00am
In 2019, Kaspersky mobile products and technologies detected 3,503,952 malicious installation packages, 69,777 new mobile banking Trojans and 68,362 new mobile ransomware Trojans.
