The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group

On Monday morning Kaspersky published new evidence of technical similarities between malware used by the mysterious SolarWinds hackers, known by security industry names including UNC2452 and Dark Halo, and the well-known hacker group Turla, believed to be Russian in origin and also known by the names Venomous Bear and Snake.

A China-Linked Group Repurposed Hacking Team’s Stealthy Spyware

The malware the Kaspersky researchers discovered uses its UEFI foothold to plant a second, more traditional piece of spyware on the computer's hard drive, a unique piece of code Kaspersky has called MosaicRegressor.

How Spies Snuck Malware Into the Google Play Store—Again and Again

Unlike most of the shady apps found in Play Store malware, Kaspersky's researchers say, PhantomLance's hackers apparently smuggled in data-stealing apps with the aim of infecting only some hundreds of users; the spy campaign likely sent links to the malicious apps to those targets via phishing emails.

An Elite Spy Group Used 5 Zero-Days to Hack North Koreans

In just the last three years, Raiu says Kaspersky has found DarkHotel using three zero-day vulnerabilities beyond the five now linked to the group based on Google's blog post.

The Sneaky Simple Malware That Hits Millions of Macs

But given that over 100 million people use macOS, and it hits at least 10 percent of those with Kaspersky installed, it’s reasonable to assume that millions of Mac users deal with it every year.

Hacker Eva Galperin Has a Plan to Eradicate Stalkerware

Ahead of her talk, Galperin has notched her first win: Russian security firm Kaspersky announced today that it will make a significant change to how its antivirus software treats stalkerware on Android phones, where it's far more common than on iPhones.

ATM Hacking Has Gotten So Easy, the Malware's a Game

(But at that point, ATM cyberthief, why would you?)

“These people do have a sense of humor and some spare time.” (Konstantin Zykov, Kaspersky Lab)

Kaspersky started tracking the WinPot family of malware back in March of last year, and in that time has seen a few technical versions on the theme.