Tag: Malware Descriptions
-
Evil Telegram doppelganger attacks Chinese users
Spyware Telegram mod in Uighur and Chinese spreads through Google Play stealing messages and other user …
-
Focus on DroxiDat/SystemBC
An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC …
-
Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability
We will highlight the key points and then focus on the initial use of the CVE-2023-23397 vulnerability by attackers before it became …
-
Dissecting TriangleDB, a Triangulation spyware implant
In researching Operation Triangulation, we set ourselves the goal to retrieve as many parts of the exploitation chain as possible. As of …
-
Satacom delivers browser extension that steals cryptocurrency
A recent campaign by Satacom downloader is delivering a cryptocurrency-stealing extension for Chromium-based browsers, such as Chrome, …
-
Minas – on the way to complexity
Kaspersky analysis of a complicated multi-stage attack dubbed Minas that features a number of detection evasion and persistence techniques …
-
Not quite an Easter egg: a new family of Trojan subscribers on Google Play
The new Trojan family, Fleckpe, spreads via Google Play inside photo editors and wallpapers, subscribing the unaware user to paid …
-
QBot banker delivered through business correspondence
In early April, we detected a significant increase in attacks that use banking Trojans of the QBot family (aka QakBot, QuackBot, and …
-
Nokoyawa ransomware attacks with Windows zero-day
In February 2023, we found a zero-day exploit, supporting different versions and builds of Windows, including Windows 11. This particular …
-
Copy-paste heist or clipboard-injector attacks on cryptousers
Clipboard injector malware targeting cryptocurrencies such as Bitcoin, Ethereum, Litecoin, Dogecoin and Monero, is distributed under the …
-
Malvertising through search engines
Kaspersky observes a growth in malvertising activity that exploits Google search ads to promote fake software websites that deliver …
-
Prilex modification now targeting contactless credit card transactions
Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected …