hacking

Dissecting the Chrome Extension Facebook malware

The Facebook malware that spread last week was dissected in a collaboration with Kaspersky Lab and Detectify. We were able to get help from the involved companies and cloud services to quickly shut down parts of the attack to mitigate it as fast as possible.  

Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. It is a parallel project or second stage of the Skipper Turla cluster of activity documented in another private report. Like previous Turla activity, WhiteBear leverages compromised websites and hijacked satellite connections for command and control (C2) infrastructure.  

New multi platform malware/adware spreading via Facebook Messenger

One good thing about having a lot of Facebook friends is that you simply act as a honey pot when your friends click on malicious things. A few days ago I got a message on Facebook from a person I very rarely speak to, and I knew that something fishy was going on.  

IT threat evolution Q2 2017

The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry.  

APT Trends report Q2 2017

Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide range of customers worldwide, leading to the delivery of a full and dedicated private reporting service.

Steganography in contemporary cyberattacks

A strong upward trend in malware developers using steganography for different purposes is seen, including for concealing C&C communication and for downloading malicious modules.

DDoS attacks in Q2 2017

Money remains the driving force of DDoS attacks. The growing interest in cryptocurrencies leads to an increase in their exchange-value in the second quarter of 2017.

No Free Pass for ExPetr

Recently, there have been discussions around the topic that if our product is installed, ExPetr malware won’t write the special malicious code which encrypts the MFT to MBR. 