Unveiling the GoldenJackal APT Group: An In-Depth Analysis by Kaspersky
Kaspersky, a leading cybersecurity company, recently uncovered a new and elusive Advanced Persistent Threat (APT) group named GoldenJackal. Operating since 2019, this previously unknown group has primarily focused on targeting government and diplomatic entities in the Middle East and South Asia. Through their extensive investigation, Kaspersky has shed light on GoldenJackal’s capabilities, techniques, and motivations, revealing...
Kaspersky Uncovers Fleckpe Trojan Targeting Google Play Users, Subscribing Them to Paid Services
Kaspersky, a renowned cybersecurity firm, has recently revealed the presence of a new Trojan family named Fleckpe, specifically designed to target users of the Google Play platform. This subscription Trojan spreads through seemingly harmless photo editors and wallpaper apps, deceiving unsuspecting users into subscribing to paid services without their knowledge. Since its detection in 2022, Fleckpe has infected over 620,000 devices...
A Kazual Sunburst – The Missing Link: Experts Connect SolarWinds Attack With Kazuar Backdoor
6 February 2021 (MY) – On December 13, 2020, FireEye, Microsoft and SolarWinds announced the discovery of a large, sophisticated supply chain attack that deployed a new, previously unknown malware “Sunburst” used against SolarWinds’ Orion IT customers. Kaspersky’s experts found various specific code similarities between Sunburst and known versions of Kazuar backdoors – the type of malware that provides remote access to a...
December 2020’s Most Wanted Malware: Emotet Returns as Top Malware Threat
9 January 2021 (MY) – Check Point Research has published its latest Global Threat Index for December 2020. Researchers reported that the Emotet trojan has returned to first place in the top malware list, impacting 7% of organisations globally, following a spam campaign which targeted over 100,000 users per day during the holiday season. In September and October 2020, Emotet was consistently at the top of the Global Threat Index,...
Ghimob: New Banking Malware From Tétrade Threat Actor Targets Mobile Users Worldwide
16 November 2020 – When monitoring a Windows campaign from Guildma banking malware, Kaspersky researchers found URLs distributing not only a malicious .ZIP file for Windows, but also a malicious file that appeared to be a downloader to install Ghimob – a new banking Trojan. Upon infiltrating Accessibility Mode, Ghimob can gain persistence and disable manual uninstallation, capture data, manipulate screen content and provide full...
July 2020’s Most Wanted Malware: Emotet Strikes Again After Five-Month Absence
12 August 2020 – Check Point Research, the Threat Intelligence arm of Check Point Software Technologies Ltd., a leading provider of cyber security solutions globally, has published its latest Global Threat Index for July 2020. Researchers found that after a five-month absence, Emotet has surged back to 1st place in the Index, impacting 5% of organisations globally. Since February 2020, Emotet’s activities – primarily sending...
June 2020’s Most Wanted Malware: Notorious Phorpiex Botnet Rises Again, Doubling Its Global Impact On Organisations
13 July 2020 – Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd., a leading provider of cyber security solutions globally, has published its latest Global Threat Index for June 2020. Researchers found that in the past month the Phorpiex botnet has been delivering the Avaddon ransomware, a new Ransomware-as-a-Service (RaaS) variant that emerged in early June, via malspam campaigns,...
Research interest: Trojans, Backdoors, and Droppers top the list of most-searched malware by security analysts
3 July 2020 – Anonymized statistics from free requests to the Kaspersky Threat Intelligence Portal have revealed that almost three quarters (72%) of the analyzed malicious files fell into three categories: Trojans, Backdoors, and Droppers. The statistics also show that the types of malware that researchers most frequently investigate do not coincide with the most widespread ones. Malicious activity detection is only the starting...
Blue Coat Reveals Security Risks From “One-Day Wonders” Websites
September 4, 2014 (Thu): Blue Coat Systems, Inc., the market leader in business assurance technology, today announced that 71 percent of hostnames appeared for just 24 hours. While the majority of these “One-Day Wonders” are the backbone for how Internet content is shared and delivered, the sheer volume provides cover for malicious activity, including communication to infected systems. The new report from the Blue Coat Security Labs,...
Facebook Users Most Likely Targets of Account Theft
June 20, 2014 (Fri): Facebook remains the preferred target for cybercriminals who specialize in stealing social network accounts: according to Kaspersky Lab’s statistics, in Q1 2014 fake sites imitating Facebook accounted for 10.85% of all instances when the heuristic Anti-phishing component was triggered. Only fake Yahoo pages sparked more phishing alerts, leaving Facebook the prime target among social networking sites. Today’s...