Posts Written ByThreatRavens

The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group.

In this report we provide details on a malicious VBS implant distributed via MS Excel droppers and a fake “Kaspersky Update Agent” which we attribute to WIRTE APT who may be linked to Gaza Cybergang.

In Q3 2021, 9,599,519 malware, adware and riskware attacks on mobile devices were prevented.

WildPressure and LuminousMoth threat actors, FinSpy implants, zero-day vulnerabilities and PrintNightmare, threats for Linux and macOS in our review of Q3 2021.

PC threat statistics for Q3 2021 contain data on miners, encrypting ransomware, financial malware, and threats to Windows, macOS and IoT.

In recent years, we have observed various trends in the changing threat landscape for industrial enterprises. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year.

The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform a deeper investigation on a host compromised by this group.

In this report we provide details on a malicious VBS implant distributed via MS Excel droppers and a fake “Kaspersky Update Agent” which we attribute to WIRTE APT who may be linked to Gaza Cybergang.