Threat Category: Web threats

Kaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website.

The new Arcane stealer spreads via YouTube and Discord, collecting data from many applications, including VPN and gaming clients, network utilities, messaging apps, and browsers.

Kaspersky experts have discovered campaigns distributing stealers, malicious PowerShell scripts, and backdoors through web pages mimicking the DeepSeek and Grok websites.

Kaspersky researchers discovered GitVenom campaign distributing stealers and open-source backdoors via fake GitHub projects.

Kaspersky experts review Do Not Track (DNT) statistics for the most widely used web tracking services in 2023 and 2024 operated by companies like Google, Microsoft, etc.

Kaspersky experts found a new variant of the China Chopper web shell from the Tropic Trooper group that imitates an Umbraco CMS module and targets a government entity in the Middle East.

Kaspersky experts review their privacy predictions for 2023 and last year’s trends, and try to predict what privacy concerns and solutions are to come in 2024.

An overview of last year’s predictions for corporate and dark web threats and our predictions for 2024.

We created a list of companies worldwide from different industries and searched through Darknet trying to find out how likely these companies have suffered a breach, what kind of data leaked, and what to do with it.

Generative AI has become the trendiest technology of 2023. Kaspersky reviews AI-related security concerns, and implementations of this technology in cyberdefense and red teaming, and provides predictions for 2024.

Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.

Kaspersky experts review last year’s predictions on consumer cyberthreats and try to anticipate the trends for 2024.

As Black Friday approaches, Kaspersky analyzes phishing and spam activity around major sales events, and reviews statistics on online shopping threats in 2023.

We look at how user data privacy is handled by large language model-based chatbots: ChatGPT, Microsoft Bing, Google Bard, Anthropic Claude, You.com, and Bing.

In this report, we share our latest crimeware findings: the ASMCrypt cryptor/loader related to DoubleFinger, a new Lumma stealer and a new version of Zanubis Android banking trojan.

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Web threats

Toxic trend: Another malware threat targets DeepSeek

Arcane stealer: We want all your data

Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity

The GitVenom campaign: cryptocurrency theft using GitHub

Web tracking report: who monitored users’ online activities in 2023–2024 the most

Tropic Trooper spies on government entities in the Middle East

Privacy predictions for 2024

Dark web threats and dark market predictions for 2024

What to do if your company was mentioned on Darknet?

Story of the year: the impact of AI on cybersecurity

Kaspersky Security Bulletin 2023. Statistics

Consumer cyberthreats: predictions for 2024

The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season

ChatGPT at work: how chatbots help employees, but threaten business

A cryptor, a stealer and a banking trojan

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails