Press Releases
October 27, 2025 Kaspersky Global Research and Analysis Team (GReAT) has uncovered evidence linking the HackingTeam successor, Memento Labs, to a new wave of cyberespionage attacks. The discovery stems from an investigation into Operation ForumTroll, an Advanced...
October 21, 2025 Kaspersky’s Global Research and Analysis Team (GReAT) have uncovered an ongoing cyberespionage PassiveNeuron campaign, that targets Windows Server systems in government, financial and industrial organizations across Asia, Africa and Latin America....
September 16, 2025 Between June and August 2025, Kaspersky’s Global Research and Analysis Team (GReAT) identified a new wave of attacks carried out by RevengeHotels, also known as TA558, a threat group which has been active since 2015. In this campaign, the group...
August 26, 2025 Kaspersky Threat Research has identified new attacks by the Russian-speaking ransomware group OldGremlin in early 2025, signaling the return of an operation that targets manufacturing, healthcare, retail and technology firms and once demanded nearly...
August 19, 2025 Kaspersky’s Global Research and Analysis Team (GReAT) has uncovered GodRAT — a new Remote Access Trojan distributed via malicious screensaver files disguised as financial documents and delivered through Skype messenger until March 2025, subsequently...
September 9, 2024 A previously unknown version of the Loki backdoor that has been used in a series of targeted attacks against at least 12 Russian companies has been identified by Kaspersky experts. The incursions occurred across various industries, including...
August 1, 2024 Kaspersky’s Global Research and Analysis Team (GReAT) has published a report describing the recent ransomware attacks with the use of leaked code. This research sheds light on the tools and methods utilized by both organized ransomware groups and...
July 8, 2024 Kaspersky’s Global Research and Analysis Team (GReAT) has uncovered a new Advanced Persistent Threat (APT) group, dubbed CloudSorcerer, which has been actively targeting Russian government entities. This sophisticated cyberespionage tool exploits...
June 25, 2024 Ahead of International SMB Day on 27 June, a new Kaspersky report reveals that the number of infections experienced by the sector has risen by 5% over the first quarter of 2024, compared to the same period last year. The number of users who...
May 8, 2024 Ransomware remains a formidable cybersecurity threat, impacting organizations and individuals globally. With the rise of targeted ransomware groups, Kaspersky's latest research uncovers a concerning trend: every third cyber incident in 2023 was...
May 6, 2024 Kaspersky has released its annual Financial Threats Report for 2023, offering a detailed analysis of the evolving financial cyberthreat landscape. The report reveals significant increases in mobile banking malware and cryptocurrency-related...
March 20, 2024 Three new dangerous Android malware variants have been analyzed by Kaspersky researchers. The Tambir, Dwphon, and Gigabud malicious programs exhibit diverse features, ranging from downloading other programs and credential theft to bypassing...
February 8, 2024 A new sophisticated banking Trojan that steals sensitive financial information and introduces advanced tactics to avoid detection has been discovered by Kaspersky's Global Research and Analysis Team (GReAT). Dubbed 'Coyote,' this malware relies on...
December 13, 2023 Kaspersky's Global Research and Analysis Team (GReAT) has uncovered the emergence of three cross-platform threats, and reveals three new strategies being employed by cybercriminals using the FakeSG campaign, Akira ransomware, and AMOS macOS stealer...
October 18, 2023 Kaspersky's Global Research and Analysis Team (GReAT) and Industrial Control Systems Cyber Emergency Response Team (ICS CERT) have unveiled significant developments in the cyber espionage activities targeting Eastern European industrial companies...
October 12, 2023 Cybersecurity researchers at Kaspersky have uncovered significant developments in the activities of the ToddyCat Advanced Persistent Threat (APT) group, shedding light on the group's evolving strategies and introducing a fresh set of loaders...
September 11, 2023 Kaspersky has unveiled research into the activities of the notorious ransomware group known as Cuba. This cybercriminal gang has recently deployed malware that evaded advanced detection, and targeted organizations worldwide, leaving a trail of...
August 3, 2023 Kaspersky's new report uncovers intricate infection tactics of malware strains DarkGate, Emotet, and LokiBot. Amid DarkGate's unique encryption and Emotet's robust comeback, LokiBot exploits persist, illustrating the ever-advancing cybersecurity...
July 20, 2023 Kaspersky has recently concluded an investigation into cyber attacks targeting the industrial sector in Eastern Europe. The investigation has revealed the employment of advanced tactics, techniques, and procedures (TTPs) by threat actors to...
June 28, 2023 During an in-depth malware investigation into the activities of Andariel, a notorious subgroup of Lazarus, Kaspersky researchers discovered a new malware family called EarlyRat, being used alongside Andariel’s known utilization of the DTrack malware...
June 22, 2023 LockBit, one of the world’s most prolific ransomware groups, has recently upgraded its operations with enhanced multiplatform functionality, according to cybersecurity experts at Kaspersky. LockBit gained notoriety for its relentless targeting of...
June 12, 2023 Kaspersky has discovered a new sophisticated multi-stage attack campaign targeting cryptowallets in Europe, USA and Latin America. The attack involves the DoubleFinger loader, a complex crimeware that deploys the GreetingGhoul cryptocurrency stealer...
April 13, 2023 Cybercriminals continuously develop their skills and tools, looking for new ways to compromise individuals and companies. Kaspersky has explored uncommon infection methods used by attackers in its recent Securelist blogpost. Alongside other...
April 12, 2023 Kaspersky recently investigated the DeathNote, one of clusters that belong to the infamous Lazarus group. DeathNote has transformed drastically over the years, beginning in 2019 with attacks on cryptocurrency-related businesses worldwide. By the end...