Recherche : [Malware-Technologies]

A miner and the ClipBanker Trojan being distributed via SourceForge | Securelist https://securelist.com/miner-clipbanker-sourceforge-campaign/116088/?ref=metacurity.com

09/04/2025 20:20:08

Malicious actors are using SourceForge to distribute a miner and the ClipBanker Trojan while utilizing unconventional persistence techniques.

SparkCat crypto stealer in Google Play and App Store https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/

05/02/2025 09:18:19

Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model.

CloudSorcerer APT uses cloud services and GitHub as C2 | Securelist https://securelist.com/cloudsorcerer-new-apt-cloud-actor/113056/

11/07/2024 09:57:32

Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor.

XZ backdoor behavior inside OpenSSH https://securelist.com/xz-backdoor-part-3-hooking-ssh/113007/

24/06/2024 16:44:07

In this article, we analyze XZ backdoor behavior inside OpenSSH, after it has achieved RSA-related function hook.

Leaked LockBit builder in a real-life incident response case | Securelist https://securelist.com/lockbit-3-0-based-custom-targeted-ransomware/112375/

16/04/2024 14:24:13

Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder.

Kaspersky analysis of the backdoor in XZ https://securelist.com/xz-backdoor-story-part-1/112354/

13/04/2024 03:32:39

Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process.

A backdoor with a cryptowallet stealer inside cracked macOS software https://securelist.com/new-macos-backdoor-crypto-stealer/111778/

22/01/2024 10:41:52

We review a new macOS backdoor that piggybacks on cracked software to replace Bitcoin and Exodus wallets with malware.

StripedFly: Perennially flying under the radar https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

26/10/2023 23:06:55

Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. The amount of effort that went into creating the framework is truly remarkable, and its disclosure was quite astonishing.

DNS changer in malicious mobile app used by Roaming Mantis https://securelist.com/roaming-mantis-dns-changer-in-malicious-mobile-app/108464/

20/01/2023 11:57:51

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o.

Stolen certificates in two waves of ransomware and wiper attacks https://securelist.com/ransomware-and-wiper-signed-with-stolen-certificates/108350/

22/12/2022 22:45:01

In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.

NullMixer drops Redline Stealer, SmokeLoader and other malware | Securelist https://securelist.com/nullmixer-oodles-of-trojans-in-a-single-dropper/107498/

28/09/2022 15:28:47

NullMixer is a dropper delivering a number of Trojans, such as RedLine Stealer, SmokeLoader, Satacom, and others.

Kaspersky report on Luna and Black Basta ransomware https://securelist.com/luna-black-basta-ransomware/106950/

22/07/2022 09:04:18

This report discusses new ransomware, that targets Windows, Linux and ESXi systems: Luna written in Rust and Black Basta.

The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs https://securelist.com/modern-ransomware-groups-ttps/106824/

27/06/2022 09:19:46

We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks.

Liens par page

Filtres