Kaspersky Labs

WastedLocker: A Technical Analysis

The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month, sometimes even more often.

The Streaming Wars: A Cybercriminal’s Perspective

Not only are millions of account holders of video streaming services susceptible to cyberattacks, but so are the millions more who receive access via relatives or friends that share their passwords.

The Tetrade: Brazilian banking malware goes global

Brazilian hackers have used the Guildma, Javali, Melcoz, and Grandoreiro banking trojan families to target users across South America and Europe.

Web skimming with Google Analytics

Attackers injected malicious code into sites; the code collected all the data entered by users and sent it via Google Analytics, letting the attackers access the stolen data in their own Google Analytics account.

COMpfun authors spoof visa application with HTTP status-based Trojan

The trojan can acquire the target’s geolocation, gather host- and network-related data, log keystrokes and take screenshots. It can also propagate itself via removable devices.

Hiding in plain sight: PhantomLance walks into a market

The functionality of all the malware samples is similar – the main purpose of the spyware was to gather sensitive information.

Unkillable xHelper and a Trojan matryoshka

The malware disguises itself as a popular cleaner and speed-up app for smartphones. After installation, it simply disappears from the main screen and the program menu.

Loncom packer: from backdoors to Cobalt Strike

The malware uses legitimate NSIS software for packing and loading shellcode, and Microsoft Crypto API for decrypting the final payload.

iOS exploit chain deploys LightSpy feature-rich malware

A watering hole discovered on January 10, 2020 used a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy.

WildPressure targets industrial-related entities in the Middle East

The malware uses the JSON format both for configuration data and as its C2 communication protocol over HTTP. Encryption is implemented with the RC4 algorithm, using different keys for different victims.
