Tag: Malware Descriptions
-
Malicious spam campaigns delivering banking Trojans
In mid-March 2021, we observed two new spam campaigns delivering banking Trojans. The payload in most cases was IcedID, but we have also …
-
Black Kingdom ransomware
Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an …
-
Andariel evolves to target South Korea with ransomware
In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an …
-
Gootkit: the cautious Trojan
Gootkit is complex multi-stage banking malware capable of stealing data from the browser, performing man-in-the-browser attacks, …
-
IT threat evolution Q1 2021. Mobile statistics
In the first quarter of 2021 we detected 1.45M mobile installation packages, of which 25K packages were related to mobile banking Trojans …
-
IT threat evolution Q1 2021. Non-mobile statistics
In Q1 2021, we blocked more than 2 billion attacks launched from online resources across the globe, detected 77.4M unique malicious and …
-
Evolution of JSWorm ransomware
There are times when a single ransomware family has evolved from a mass-scale operation to a highly targeted threat – all in the span of …
-
Bizarro banking Trojan expands its attacks to Europe
Bizarro is yet another banking Trojan family originating from Brazil that steals credentials from customers of 70 banks from different …
-
Ransomware world in 2021: who, how and why
In this report, we take a step back from the day-to-day ransomware news cycle and follow the ripples back into the heart of the ecosystem …
-
Operation TunnelSnake
A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, …
-
Ransomware by the numbers: Reassessing the threat’s global impact
In this report, we’ll take a look at the numbers behind the ransomware threat from 2019 to 2020, what they mean — and what they foretell …
-
The leap of a Cycldek-related threat actor
The investigation described in this article started with one such file which caught our attention due to the various improvements it …