Financial Cyberthreats in 2020
2020 was challenging for everyone: companies, regulators, individuals. Due to the limitations imposed by the epidemiological situation, particular categories of users and businesses were increasingly targeted by cybercriminals. While we were adjusting to remote work and the rest of the new conditions, so were scammers. As a result, 2020 was extremely eventful in terms of digital […] more…Spam and phishing in 2020
Figures of the year In 2020: The share of spam in email traffic amounted to 50.37%, down by 6.14 p.p. from 2019. Most spam (21.27%) originated in Russia. Kaspersky solutions detected a total of 184,435,643 malicious attachments. The email antivirus was triggered most frequently by email messages containing members of the Trojan.Win32.Agentb malware family. The […] more…IT threat evolution Q3 2020
Targeted attacks MATA: Lazarus’s multi-platform targeted malware framework The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they required significant investment to develop and maintain them. In […] more…Unity’s new weapon for devs: Porting games to Firefox
Mozilla has teamed up with Unity to run its games on the Web without plugins — but with an add-on. Announced at the Game Developer’s Conference in San Francisco, the extension will ship later this year with the anticipated Unity 5.0. Powered by the Web graphics library WebGL and the JavaScript subset asm.js, the add-on […] more…Inside of the WASP’s nest: deep dive into PyPI-hosted malware
Photo by Matheus Queiroz on Unsplash In late 2022 we decided to start monitoring PyPI, arguably the most important Python repository, as there were a number of reports on it hosting malware. PyPI took exceptional relevance amongst all repositories as, historically, it was trusted by default by many software developers. Any security breach or abuse […] more…APT43: An investigation into the North Korean group’s cybercrime operations
Introduction As recently reported by our Mandiant’s colleagues, APT43 is a threat actor believed to be associated with North Korea. APT43’s main targets include governmental institutions, research groups, think tanks, business services, and the manufacturing sector, with most victims located in the United States and South Korea. The group uses a variety of techniques and […] more…Cyberthreats to financial organizations in 2022
First of all, we are going to analyze the forecasts we made at the end of 2020 and see how accurate they were. Then we will go through the key events of 2021 relating to attacks on financial organizations. Finally, we will make some forecasts about financial attacks in 2022. Analysis of forecasts for 2021 […] more…Russian-speaking cybercrime evolution: What changed from 2016 to 2021
Experts at Kaspersky have been investigating various computer incidents on a daily basis for over a decade. Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that […] more…IT threat evolution Q2 2021
Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload, generally dropped from a self-extracting archive. This was first thought to […] more…IT threat evolution in Q2 2021. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures In Q2 2021, according to data from Kaspersky Security Network: 14,465,672 malware, adware and riskware attacks were prevented. The largest share of all detected threats accrued to RiskTool programs — 38.48%. 886,105 malicious installation […] more…Cyberthreats to financial organizations in 2021
It is hard to believe that a year has gone since our last article on financial attacks and our predictions for 2020. It has been a tough one, but first things first. Let us review the forecasts we made at the end of 2019 and see how accurate we were. Then we will go through […] more…Malicious Optimizer and Utility Android Apps on Google Play Communicate with Trojans that Install Malware, Perform Mobile Ad Fraud
By Lorin Wu (Mobile Threats Analyst) We recently discovered several malicious optimizer, booster, and utility apps (detected by Trend Micro as AndroidOS_BadBooster.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes, perform mobile ad fraud, and download as many as 3,000 malware variants or malicious […] more…Kaspersky Security Bulletin 2018. Top security stories
Introduction The internet is now woven into the fabric of our lives. Many people routinely bank, shop and socialize online and the internet is the lifeblood of commercial organizations. The dependence on technology of governments, businesses and consumers provides a broad attack surface for attackers with all kinds of motives – financial theft, theft of […] more…Ztorg: money for infecting your smartphone
This research started when we discovered an infected Pokémon GO guide in Google Play. It was there for several weeks and was downloaded more than 500,000 times. We detected the malware as Trojan.AndroidOS.Ztorg.ad. After some searching, I found some other similar infected apps that were being distributed from the Google Play Store. The first of […] more…Mozilla, Epic bring Unreal engine to the web
Mozilla, a non-profit organization dedicated to promoting openness, innovation and opportunity on the Web, is advancing the Web as the platform for high-end game development. With Mozilla’s latest innovations in JavaScript, game developers and publishers can now take advantage of fast performance that rivals native while leveraging scale of the Web, without the additional costs […] more…More information
- The Exactis Data Breach: What Consumers Need to Know
- Windows 7 update guide: How ‘security-only’ and ‘monthly rollups’ differ
- Jobert Abma makes $100,000 a year as a ‘bug bounty hunter’
- Security Manager’s Journal: Security has to extend to your customers
- North Korea blames U.S. for Internet blackouts, calls Obama ‘monkey’
- Blackshades webcam voyeur spared jail over stolen webcam images
- In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up
- Microsoft Temporarily Doubles Bounty Payouts for Online Services Bugs
- US Senate panel says no to criminal charges for encryption-related court orders: Report
- The Importance of Looking After Your Tires