Tag: APT reports
-
Transparent Tribe: Evolution analysis, part 1
Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as …
-
CactusPete APT group’s updated Bisonal backdoor
A new CactusPete campaign shows that the group’s favored types of target remain the same. The victims of the new variant of the Bisonal …
-
APT trends report Q2 2020
This summary is based on our threat intelligence research and provides a representative snapshot of what we have published and discussed, …
-
Lazarus on the hunt for big game
By investigating a number of targeted ransomware attacks and through discussions with some of our trusted industry partners, we feel that …
-
MATA: Multi-platform targeted malware framework
The MATA malware framework possesses several components, such as loader, orchestrator and plugins. The framework is able to target Windows, …
-
Microcin is here
In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a …
-
Cycldek: Bridging the (air) gap
While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its …
-
The zero-day exploits of Operation WizardOpium
Back in October 2019 we detected a classic watering-hole attack that exploited a chain of Google Chrome and Microsoft Windows zero-days. In …
-
COMpfun authors spoof visa application with HTTP status-based Trojan
In autumn 2019 we published a story about how a COMpfun successor known as Reductor infected files on the fly to compromise TLS traffic. …
-
Naikon’s Aria
Our colleagues at Checkpoint put together a fine research writeup on some Naikon resources and activity related to “aria-body” that we …
-
APT trends report Q1 2020
For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced …
-
Hiding in plain sight: PhantomLance walks into a market
In July 2019, a sophisticated backdoor trojan in Google Play was reported. We conducted an inquiry of our own, discovering a long-term …