Category: Financial malware

Security Feeds, Malware Statistics, Financial malware, Internet of Things, Featured, Vulnerabilities and exploits, Malware reports, Miner, Apple MacOS, Vulnerability Statistics

IT threat evolution Q3 2020. Non-mobile statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, in Q3: Kaspersky solutions blocked 1,416,295,227 attacks launched from online resources across the globe. 456,573,467 unique URLs were recognized as malicious by Web Anti-Virus components. Attempts to run malware for stealing money from online bank accounts were stopped on the computers of 146,761 unique users. Ransomware attacks were defeated on the computers of 121,579 unique users. Our File…

Security Feeds, Malware Descriptions, Financial malware, Featured, Google Android, Malware Technologies, Trojan Banker, RAT Trojan, Brazil

Ghimob: a Tétrade threat actor moves to infect mobile devices

Guildma, a threat actor that is part of the Tétrade family of banking trojans, has been working on bringing in new techniques, creating new malware and targeting new victims. Recently, their new creation, the Ghimob banking trojan, has been a move toward infecting mobile devices, targeting financial apps from banks, fintechs, exchanges and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola and Mozambique. Ghimob is a full-fledged spy in your pocket: once infection is completed, the hacker can access the infected device remotely, completing…

Security Feeds, Financial malware, Featured, Miner

On the trail of the XMRig miner

As protection methods improve, the developers of miners have had to enhance their own creations, often turning to non-trivial solutions. Several such solutions (previously unseen by us) were detected during our analysis of the open source miner XMRig. How it all began: ransominer Alongside well-known groups that make money from data theft and ransomware (for example, Maze, which is suspected of the recent attacks on SK Hynix and LG Electronics), many would-be attackers are attracted by the high-profile successes of cybercrime. In terms of…

Security Feeds, Malware Statistics, Financial malware, Internet of Things, Featured, Vulnerabilities and exploits, Malware reports, Miner, Apple MacOS, Vulnerability Statistics, Trojan-Dropper

IT threat evolution Q2 2020. PC statistics

IT threat evolution Q2 2020. Review IT threat evolution Q2 2020. Mobile statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, in Q2: Kaspersky solutions blocked 899,744,810 attacks launched from online resources in 191 countries across the globe. As many as 286,229,445 unique URLs triggered Web Anti-Virus components. Attempted infections by malware designed to steal money via online access to bank accounts were logged on the…

Security Feeds, APT, Financial malware, APT reports, Featured, Targeted Attacks, Lazarus, Turla, Russian-speaking cybercrime, Chinese-speaking cybercrime

APT trends report Q2 2020

For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. This is our latest installment, focusing on activities that we observed during…

Security Feeds, Malware Statistics, Financial malware, Featured, Cybercrime, Malware Technologies, Malware reports, Trojan Banker, Brazil

The Tetrade: Brazilian banking malware goes global

Introduction: Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the world’s busiest and most creative perpetrators of cybercrime. Like their counterparts in China and Russia, their cyberattacks have a strong local flavor, and for a long time, they limited their attacks to the customers of local banks. But the time has come when they aggressively expand their attacks and operations abroad, targeting other countries and banks. The Tetrade is…

Security Feeds, APT, Financial malware, Featured, Targeted Attacks, Google Android, Malware Technologies, Data leaks, Watering hole attacks, Malware reports, Apple MacOS, Apple iOS, Stalkerware, Digital Certificates

IT threat evolution Q1 2020

Targeted attacks and malware campaigns Operation AppleJeus: the sequel In 2018, we published a report on Operation AppleJeus, one of the more notable campaigns of the threat actor Lazarus, currently one of the most active and prolific APT groups. One notable feature of this campaign was that it marked the first time Lazarus had targeted macOS targets, with the group inventing a fake company in order to deliver its manipulated application and exploit the high level of trust among potential victims. Our follow-up research…

Security Feeds, Malware Statistics, Financial malware, Internet of Things, Featured, Vulnerabilities and exploits, Google Android, Mobile Malware, Malware reports, Miner, Trojan Banker, Apple MacOS, Vulnerability Statistics

IT threat evolution Q1 2020. Statistics

These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, Kaspersky solutions blocked 726,536,269 attacks launched from online resources in 203 countries across the globe. A total of 442,039,230 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted infections by malware designed to steal money via online access to bank accounts were logged on the computers of 249,748 unique users. Ransomware attacks were defeated on the…

Security Feeds, Malware Descriptions, Malware Statistics, Financial malware, Featured, Targeted Attacks, Malware reports, ATM attacks

A look at the ATM/PoS malware landscape from 2017-2019

From remote administration and jackpotting to malware sold on the Darknet, attacks against ATMs have a long and storied history. And, much like other areas of cybercrime, attackers only refine and grow their skillset for infecting ATM systems from year to year. So what does the ATM landscape look like as of 2020? Let’s take a look. The world of ATM/PoS malware: ATM attacks aren’t new, and that’s not surprising. After all, what is one of the primary motives driving cyber criminals? Money. And ATMs are…