Apr 11 2013

Winnti. More than just a game

The study shed light on the activities of a group that has persistently targeted online gaming companies for several years.

Jan 17 2013

“Red October”. Detailed Malware Description 1. First Stage of Attack

Based on the analysis of known cases, we identified two main ways through which Backdoor.Win32.Sputnik infects the victims

Jan 17 2013

“Red October”. Detailed Malware Description 2. Second Stage of Attack

Most of the tasks are provided as one-time PE DLL libraries that are received from the server, executed in memory and then immediately discarded

Jan 17 2013

“Red October”. Detailed Malware Description 3. Second Stage of Attack

The packer disrupts basic software breakpoints and some API hooking techniques, because it decrypts the original exe’s section contents onto heaps in-memory

Jan 17 2013

“Red October”. Detailed Malware Description 4. Second Stage of Attack

Files with the extension ".bak" are treated differently. They are decrypted using a custom AMPRNG algorithm with a hardcoded key, then decompressed using LZMA

Jan 17 2013

“Red October”. Detailed Malware Description 5. Second Stage of Attack

In the Device notification callback function, the module logs each connection and disconnection event. When a device is connected, it starts a new thread that manipulates this device

Jan 14 2013

"Red October" Diplomatic Cyber Attacks Investigation

In October 2012, Kaspersky Lab’s Global Research & Analysis Team initiated new threat research after a series of attacks against computer networks of various international diplomatic service agencies

Aug 09 2012

Gauss: Abnormal Distribution

While analyzing the Flame malware that we detected in May 2012, Kaspersky Lab experts identified some distinguishing features of Flame's modules.

Jul 27 2012

The ‘Madi’ infostealers - a detailed analysis

On 17 July, we published a blog about Madi. Here is the follow-up with a detailed analysis of the infostealer used in the campaign.

Oct 16 2009

“Brazil: a country rich in banking Trojans”

Anyone who has ever analyzed malware designed to steal data from online banking customers will agree that Brazil is one of the biggest sources of so-called banking Trojans.

Sep 17 2008

The Cybercrime Arms Race

Our society has evolved to the point where many if not most of us spend a significant portion of our lives online. In many ways, this online virtual world mirrors our real world. Criminals, who are an unfortunate but integral part of our social structure, quite naturally have also appeared in the virtual world.

Nov 29 2006

Computers, Networks and Theft: Part 2

Kaspersky Lab presents the second part of its report on theft in networks, focusing on organizations