Tag: APT reports

  • Transparent Tribe: Evolution analysis, part 1

    Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as …

  • CactusPete APT group’s updated Bisonal backdoor

    A new CactusPete campaign shows that the group’s favored types of target remain the same. The victims of the new variant of the Bisonal …

  • APT trends report Q2 2020

    This summary is based on our threat intelligence research and provides a representative snapshot of what we have published and discussed, …

  • Lazarus on the hunt for big game

    By investigating a number of targeted ransomware attacks and through discussions with some of our trusted industry partners, we feel that …

  • MATA: Multi-platform targeted malware framework

    The MATA malware framework possesses several components, such as loader, orchestrator and plugins. The framework is able to target Windows, …

  • Microcin is here

    In February 2020, we observed a Trojan injected into the system process memory on a particular host. The target turned out to be a …

  • Cycldek: Bridging the (air) gap

    While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its …

  • The zero-day exploits of Operation WizardOpium

    Back in October 2019 we detected a classic watering-hole attack that exploited a chain of Google Chrome and Microsoft Windows zero-days. In …

  • COMpfun authors spoof visa application with HTTP status-based Trojan

    In autumn 2019 we published a story about how a COMpfun successor known as Reductor infected files on the fly to compromise TLS traffic. …

  • Naikon’s Aria

    Our colleagues at Checkpoint put together a fine research writeup on some Naikon resources and activity related to “aria-body” that we …

  • APT trends report Q1 2020

    For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced …

  • Hiding in plain sight: PhantomLance walks into a market

    In July 2019, a sophisticated backdoor trojan in Google Play was reported. We conducted an inquiry of our own, discovering a long-term …