malware

Outsmarting Malware

Cybersecurity can use adaptable machine learning algorithms combined with several anti-malware technologies to find and foil advanced threats.

An (un)documented Word feature abused by attackers

A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content.

Miners on the Rise

Over the last month alone, we have detected several large botnets designed to profit from concealed crypto mining. We have also observed growing numbers of attempts to install miners on servers owned by organizations. When these attempts are successful, the companies’ business processes suffer because data processing speeds fall substantially.  

The future of cyber security

Cyber security is always evolving, and you, as a business or as a consumer, need to be ready to adapt to the new technologies, regulations and strategies that will help to develop a safer and more secure internet.

Why entrepreneurs should not neglect cyber security

Cyber security is often neglected by small businesses and entrepreneurs because they assume it’s someone else’s problem, or their data is not worth stealing. But there are lots of reasons why cyber security should be priority number one for entrepreneurs.

Dissecting the Chrome Extension Facebook malware

The Facebook malware that spread last week was dissected in a collaboration with Kaspersky Lab and Detectify. We were able to get help from the involved companies and cloud services to quickly shut down parts of the attack to mitigate it as fast as possible.  

Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. It is a parallel project or second stage of the Skipper Turla cluster of activity documented in another private report. Like previous Turla activity, WhiteBear leverages compromised websites and hijacked satellite connections for command and control (C2) infrastructure.  

Jimmy Nukebot: from Neutrino with love

In one of our previous articles, we analyzed the NeutrinoPOS banker as an example of a constantly evolving malware family. A week after publication, this Neutrino modification delivered up a new malicious program classified by Kaspersky Lab as Trojan-Banker.Win32.Jimmy.  

Neutralization reaction

Corporate information security services often turn out to be unprepared: their employees underestimate the speed, secrecy and efficiency of modern cyberattacks and do not recognize how ineffective the old approaches to security are. 

WAP-billing Trojan-Clickers on rise

During the preparation of the “IT threat evolution Q2 2017” report I found several common Trojans that were stealing money from users using WAP-billing. 

New multi platform malware/adware spreading via Facebook Messenger

One good thing about having a lot of Facebook friends is that you simply act as a honey pot when your friends click on malicious things. A few days ago I got a message on Facebook from a person I very rarely speak to, and I knew that something fishy was going on.  

Spam and phishing in Q2 2017

In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware.  

Booking a Taxi for Faketoken

The Trojan-Banker.AndroidOS.Faketoken malware has been known for more than a year. Throughout the time of its existence, it has worked its way up from a primitive Trojan intercepting mTAN codes to an encrypter. Not so long ago, thanks to our colleagues from a large Russian bank, we detected a new Trojan sample, Faketoken.q, which contained a number of curious features.

IT threat evolution Q2 2017

The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry.  

IT threat evolution Q2 2017. Statistics

According to KSN data, Kaspersky Lab solutions detected and repelled 342,566,061 malicious attacks from online resources located in 191 countries all over the world.