9 matches found
Signal in the noise: what hashtags reveal about hacktivism in 2025
What do hacktivist campaigns look like in 2025? To answer this question, we analyzed more than 11,000 posts produced by over 120 hacktivist groups circulating across both the surface web and the dark web, with a particular focus on groups targeting MENA countries. The primary goal of our research...
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
The China-linked advanced persistent threat (APT) group known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 targeting seven organizations. These entities include governments, Catholic charities, non-governmental organizations (NGOs), and think tanks across...
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detect...
Russia’s Most Notorious Special Forces Unit Now Has Its Own Cyber Warfare Team
Unit 29155 of Russia’s GRU military intelligence agency—a team responsible for coup attempts, assassinations, and bombings—has branched out into brazen hacking operations with targets across the world...
StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users
The advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. "A copycat website, mimicking the Shagle service, is used to distribute StrongPity's...
Fodcha DDoS Botnet Resurfaces with New Capabilities
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target,...
Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware
A set of unique spyware strains created by an Israeli firm and allegedly used by governments around the world to surveil dissidents has been defanged by Microsoft, the software giant said. The private company, called variously Candiru, Grindavik, Saito Tech and Taveta and dubbed “Sourgum” by...
Threat Landscape for Industrial Automation Systems in H1 2018
For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial enterprises, and individual users. In this report, Kaspersky Lab Industria...
10 Year Poseidon APT Group Identified As First Portuguese Speaking Campaign
TENERIFE, Spain–For more than 10 years, attackers have carried out a series of covert attacks on firms worldwide and capitalized on that connection by coercing the companies into a phony business relationship where they can further steal data. Experts with Kaspersky Lab’s Global Research and...