Security News

The first report, detailing desktop attacks, found that cryptomining malware has exploded in popularity, while the second report covering mobile devices, revealed that a popular Trojan targeting gamers has made the leap from PC to Android. Between February and March 2021, during which time the price of a single bitcoin increased by more than $10,000, the number of modified cryptomining malware found by Kaspersky experienced a similar jump with a fourfold increase over the course of the same time period.

Cybersecurity firm Kaspersky observed a drop in ransomware attacks on industrial control system computers in the second half of 2020, but it saw an increase in these types of attacks in developed countries. According to the company's Industrial Control System Threat Landscape report for H2 2020, globally, the percentage of ICS computers targeted with ransomware dropped from 0.63% in the first half of the year to 0.49% in the second half of 2020.

Kaspersky CEO Eugene Kaspersky has suggested that the end of the COVID-19 pandemic will bring a slowdown in cyber-crime. This theory was swiftly shot down by Australian infosec boffin, Dr. Greg Austin, a professor of Cyber Security, Strategy and Diplomacy at the University of New South Wales.

The security company found that 85% of workers spend up to five hours a week watching YouTube, listening to podcasts, or exercising during work hours. Mixing work and play might be a good thing if it breaks up the monotony of security monitoring, according to Kaspersky.

Kaspersky has released the results of research into fraud detected by its Fraud Prevention platform in 2020, and the results further reinforce what we already knew: 2020 was a banner year for online fraudsters, with account takeovers dominating as the method of choice. Occurring whenever a bad actor is able to steal login credentials and seize control of an online account, takeover attacks rose from 34% of fraud detected by Kaspersky in 2019 to 54% by the end of December 2020.

Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia's FSB security service. Referring to the hidden backdoor secretly implanted in SolarWinds' Orion product, Kaspersky's Georgy Kucherin wrote in a blog post on Monday: "While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar."

Researchers have identified some similarities between the Sunburst malware used in the SolarWinds supply chain attack and Kazuar, a backdoor that appears to have been used by the Russia-linked cyber-espionage group known as Turla. On Monday, Kaspersky reported finding an interesting link between the Sunburst malware delivered by the SolarWinds attackers and Kazuar, a.NET backdoor that has been around since at least 2015 and which was first detailed in 2017 by Palo Alto Networks.

A survey of gamers worldwide found that gamers deal with bullying and theft of in-game valuables in addition to identity theft. American gamers are at a higher risk for identity theft than gamers around the world, according to new research from security firm Kaspersky.

A trojan targeting Linux and deployed by a known ransomware gang has been discovered by Russian antivirus firm Kaspersky. The trojan was, so the two said, similar to the existing RansomEXX trojan, which they said had been deployed only last week against Brazil's courts, as well as targets in the US and elsewhere.

Russian antivirus maker Kaspersky has said it uncovered "Rogue UEFI firmware images" seemingly developed by black hats with links to China. The firm explained that UEFI firmware is "Typically shipped within SPI flash storage that is soldered to the computer's motherboard", and thus any malware injected into it is "Resistant to OS reinstallation or replacement of the hard drive." The technique shot to public prominence in 2015 when malware-for-governments purveyor Hacking Team was itself hacked, with details of its firmware-level spyware becoming public knowledge.