securelist

Zanubis Android Banking Trojan Evolves with Silent Installation and Credential Theft Capabilities

Zanubis is a sophisticated Android banking Trojan active since 2022, targeting Peruvian financial institutions. It masquerades as legitimate apps to trick users into granting accessibility permissions, enabling full device control.

Outlaw botnet detected in an incident contained by Kaspersky

Outlaw (also known as “Dota”) is a Perl-based crypto mining botnet that typically takes advantage of weak or default SSH credentials for its operations. Telemetry data showed victims across the US, Germany, Italy, Thailand, and more.

GOFFEE’s recent attacks: new tools and techniques

GOFFEE continued to launch targeted attacks against organizations in Russia, utilizing PowerTaskel, a non-public Mythic agent written in PowerShell, and introducing a new implant that researchers dubbed “PowerModul”.

Minas — a multi-stage cryptocurrency miner infection

In June 2022, Kaspersky researchers found a suspicious shellcode running in the memory of a system process. Based on their reconstruction of the infection chain, they determined that it originated from running an encoded PowerShell script as a task.

Analysis of the CloudWizard framework by Bad Magic APT

A newly discovered campaign related to the Bad Magic APT involved use of a modular framework dubbed CloudWizard. Its features include taking screenshots, microphone recording, keylogging, and more.

Tomiris called, they want their Turla malware back

The threat actor targets government and diplomatic entities in the CIS. The few victims discovered in other regions (Middle East or Southeast Asia) turn out to be foreign representations of CIS countries, illustrating Tomiris’s narrow focus.

Following the Lazarus group by tracking DeathNote campaign

This threat cluster linked to the North Korean threat actor Lazarus is also known as Operation DreamJob or NukeSped. It's dubbed DeathNote after its malware payloads named Dn.dll or Dn64.dll.

Use of IPFS in mass and targeted phishing campaigns

The use of IPFS is not limited to mass mailing campaigns: it is used for complex targeted attacks too. Targeted phishing campaigns are much better prepared, normally focusing on specific persons within the company, not just random users.

New APT Found Actively Using PowerMagic Backdoor and CommonMagic Framework

In October 2022, Kaspersky researchers identified an active infection of government, agriculture, and transportation organizations located in the Donetsk, Lugansk, and Crimea regions.

How business works on the dark web: security of deals and regulatory mechanisms

To protect themselves from significant losses, cybercriminals use regulatory mechanisms, such as escrow services (aka middlemen, intermediaries, or guarantors), and arbitration.
