Tag Archives: Global Research and Analysis Team

LuckyMouse Group is back and using a legitimate certificate to sign Malware

Kaspersky Lab: Chinese-speaking APT LuckyMouse is back

The Kaspersky Lab Global Research and Analysis Team (GReAT) has discovered several infections from a previously unknown Trojan, which is most likely related to the infamous Chinese-speaking threat actor – LuckyMouse.

Kaspersky Lab 2018 Latest Threat Predictions: Supply chain attacks, high-end mobile malware to rise

This year, the world will see more legitimate software being poisoned by groups targeting wider victim profiles and geographies, with the added advantage that such attacks are extremely hard to spot and mitigate, according to Kaspersky Lab’s Targeted Threat Predictions for 2018.

Cyber-spy Groups are moving towards using supply chain attacks and legitimate tools to attack financial institutions, warns Kaspersky Lab

Cybersecurity researchers at Kaspersky Lab have discovered that cybercriminals operating in the region have moved on from spying on, stealing, and leaking state, military, and trade secrets, and now aim for monetary gain as they infect banks in APAC countries.

Kaspersky Lab Researcher Creates Free Software Tool for Collecting Remote Evidence After Cyber-Attacks

To overcome the need for investigators to travel far and wide to gather evidence from infected computers after a cyberattack, a Kaspersky Lab expert has developed a simple tool that can remotely collect vital data without risk of contamination or loss. Named BitScout, the tool can build a Swiss Army knife for the remote forensic investigation of live systems and has been made freely available for all investigators to use.

From Shamoon to StoneDrill – Advanced New Destructive Malware Discovered in the Wild

Kaspersky Lab’s Global Research and Analysis Team has discovered a new sophisticated wiper malware, called StoneDrill. Just like another infamous wiper, Shamoon, it destroys everything on the infected computer.

Kaspersky Lab Exposes the Poseidon Group: A Commercial Malware Boutique Operating on Land, Air and Sea

Kaspersky Lab’s Global Research and Analysis Team has announced the discovery of the Poseidon Group, an advanced threat actor active in global cyber-espionage operations since at least 2005. What makes the Poseidon Group stand out is that it’s a commercial entity, whose attacks involve custom malware digitally signed with rogue certificates deployed to steal sensitive data from victims to coerce them into a business relationship. In addition, the malware is designed to function specifically on English and Brazilian Portuguese Windows machines, a first for a targeted attack.

Adwind: Malware-as-a-Service Platform that Hit more than 400,000 Users and Organizations Globally

10 February 2016 – Kaspersky Lab’s Global Research and Analysis Team has published extensive research on the Adwind RAT, a cross-platform, multifunctional malware program also known as AlienSpy, Frutas, Unrecom, Sockrat, JSocket and jRat, which is distributed through a single malware-as-a-service platform. According to the results of the investigation, conducted between 2013 and 2016, different versions of the Adwind malware have been used in attacks against at least 443,000 private users and commercial and non-commercial organizations around the world. The platform and the malware are still active.