VIRUS-NEWS
BeatBanker: A dual?mode Android Trojan
by GReAT10 Mar 2026 at 10:00am
Kaspersky researchers identified a new Android Trojan dubbed BeatBanker targeting Brazil, posing as government apps and Google Play Store, and capable of both crypto mining and stealing banking data.
Exploits and vulnerabilities in Q4 2025
by Alexander Kolesnikov6 Mar 2026 at 10:00am
This report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data on the use of C2 frameworks in APT attacks.
Mobile malware evolution in 2025
by Anton Kivva4 Mar 2026 at 10:00am
Statistics on Android malware and the most notable mobile threats of 2025: preinstalled backdoors Keenadu and Triada, spyware Trojans, the Kimwolf IoT botnet, and Mamont banking Trojans.
Arkanix Stealer: a C++ & Python infostealer
by Kirill Korchemny, Omar Amin19 Feb 2026 at 11:00am
Kaspersky researchers analyze a C++ and Python stealer dubbed "Arkanix Stealer", which was active for several months, targeted wide range of data, was distributed as MaaS and offered referral program to its partners.
Divide and conquer: how the new Keenadu backdoor exposed links between major ...
by Dmitry Kalinin17 Feb 2026 at 9:00am
Kaspersky experts have uncovered Keenadu, a sophisticated new backdoor targeting tablet firmware as well as system-level and Google Play apps. They also revealed connections between the world's most prolific Android botnets.
The game is over: when ?free? comes at too high a price. What we know about R...
by Denis Brylev, Pavel Sinenko, Maxim Starodubov, Artem Ushkov11 Feb 2026 at 2:00pm
We disclose new details about campaigns involving RenEngine and HijackLoader malware. Since March 2025, attackers have been distributing the Lumma stealer in a complex chain of infections, and in February 2026, ongoing attacks using ACR Stealer became known.
Spam and phishing in 2025
by Tatyana Kulikova, Olga Altukhova, Roman Dedenok, Andrey Kovtun, Irina Shimko, Anna Lazaricheva11 Feb 2026 at 10:00am
The report contains statistics on spam and phishing in 2025, outlining the main trends: phishing and scam QR codes, ClickFix attacks, ChatGPT subscription lures and others.
Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
by Kaspersky5 Feb 2026 at 9:00am
We analyze the recent Stan Ghouls campaign targeting organizations in Russia and Uzbekistan: Java-based loaders, the NetSupport RAT, and a potential interest in IoT.
The Notepad++ supply chain attack ? unnoticed execution chains and new IoCs
by Georgy Kucherin, Anton Kargin3 Feb 2026 at 8:10am
Kaspersky GReAT experts discovered previously undocumented infection chains used in the Notepad++ supply chain attacks. The article provides new IoCs related to those incidents which employ DLL sideloading and Cobalt Strike Beacon delivery.
Supply chain attack on eScan antivirus: detecting and remediating malicious u...
by Georgy Kucherin, Kirill Korchemny, Ilya Savelyev29 Jan 2026 at 3:07pm
On January 20, Kaspersky solutions detected malware used in eScan antivirus supply chain attack. In this article we provide available information on the threat: indicators of compromise, threat hunting and mitigating tips, etc.
