Kaspersky uncovers Efimer trojan delivered via phishing emails
The malware was particularly impactful in Brazil, affecting around 1,500 victims. These attacks also targeted users in India, Spain, Russia, Italy, and Germany.
Kaspersky has discovered a rapidly escalating malicious campaign targeting corporate users with Efimer — a trojan designed to steal and replace cryptocurrency wallet addresses. Initial versions of Efimer appeared in October 2024 and were distributed through compromised WordPress websites. However, in June 2025, the malware began spreading via phishing emails as well. Disguised as a legal firm, the attackers send emails threatening recipients with lawsuits over alleged domain name patent violations to trick them into downloading the malware. This approach allows Efimer to build its own malicious infrastructure and continue spreading to new devices.
'This Trojan is notable for its dual approach, to spreading — targeting both individual users and corporate environments with different tactics. For private users, attackers use torrent files pretending to be popular movies to lure victims, while in corporate settings, they rely on fraudulent emails containing legal threats. Crucially, in both cases, compromise only occurs if the user actively downloads and executes the malicious file,' explains Artyom Ushkov, threat researcher at Kaspersky.
Kaspersky recommends corporate and individual users:
Refrain from downloading torrent files from unknown or untrusted sources.
Recipients should carefully verify the legitimacy of email senders and ensure antivirus databases are regularly updated.
Avoid clicking on links or opening attachments in unsolicited or spam emails to reduce the risk of malware infection.
Stick to best practice including regular software updates, enforcing strong passwords and two-factor authentication, as well as continuous monitoring for signs of compromise.
Install a trusted security solution and follow its recommendations. Secure solutions will solve the majority of problems automatically and send alerts.
For developers and website administrators: implementing robust security measures to protect their infrastructure from unauthorised access and malware propagation is essential.
Find the full report on Securelist.com.
Image Credit: Kaspersky
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Tahawul Tech
24 minutes ago
- Tahawul Tech
Kaspersky shares tips for safer remote working
It is holiday season in many parts of the world, these days, though, going on holiday does not always mean turning back on office life – hybrid work cuts both ways. Today's widespread connectivity—available at airports, train stations, restaurants, hotels, and most indoor public spaces—makes staying connected easier than ever, with free Wi-Fi in many locations and reliable 4G or 5G coverage elsewhere, facilitating a seamless blend of work and leisure even while on holiday. This increase in connectivity among travellers has not gone unnoticed by cyber criminals. Kaspersky experts analysed nearly 25,000 free Wi-Fi spots in Paris ahead of the Summer Olympic Games and Paralympic Games. The analysis revealed that almost 25% of these networks had weak or no encryption, making users vulnerable to personal and banking data theft. Travelers often have their guard down. The unfamiliar surroundings of a new location or a different language can throw up a useful smokescreen for a cyberattack, meaning additional care needs to be taken when logging on. Fortunately, a few smart tools and habits can help you stay protected while enjoying the flexibility of remote work. Use a VPN for secure connections A VPN is one of the most effective ways to safeguard users' online activity, especially when working from unfamiliar locations. By encrypting internet traffic, a VPN ensures that hackers can't intercept sensitive data like login credentials or financial details. This is particularly important when accessing work emails or company files on public Wi-Fi, where cybercriminals often lurk. Switch to an eSIM for reliable, secure mobile data Another useful digital tool that provides a seamless way to stay connected using local mobile networks with no physical SIM card required is the eSIM. This is a game-changer for international travellers who want to avoid sky-high roaming charges or the hassle of hunting down temporary SIM cards in foreign countries. With an eSIM, a user can download a local data plan before you even arrive at your destination, ensuring instant connectivity the moment you land. This eliminates the need to rely on unsecured Wi-Fi hotspots, significantly reducing your exposure to cyber threats. Plus, many eSIM providers allow you to manage multiple profiles on a single device, making it easy to switch between work and personal data plans without juggling multiple phones. Services like Kaspersky eSIM Store enables users to purchase and activate data plans in advance, track usage and top up as needed, all from a single app. Enable two-factor authentication (2FA) When traveling, people often leave devices unattended. To protect against unwanted people logging in, travellers should ensure two-factor authentication (2FA) is enabled on all critical accounts and that passwords are used all devices. Final tips for a secure summer workcation Even with a VPN, eSIM and 2FA in place, your devices still need strong defences against malware, phishing scams and ransomware. Cybercriminals often target remote workers who may let their guard down while traveling, making real-time protection essential. Modern antivirus software does more than just scan for viruses, it actively blocks malicious downloads, warns you about phishing attempts and even secures your passwords and financial data. For the most robust security, consider a solution like Kaspersky Premium, which combines antivirus protection, a VPN and password management into a single, easy-to-use package. By combining a VPN, eSIM and strong antivirus, you can work from anywhere with confidence, whether you're sending emails from a poolside or joining a video call from a festival tent. For more expert advice on remote work safety, explore Kaspersky's Remote Work Security Guide. Image Credit: Stock Image
Zawya
2 hours ago
- Zawya
Ecodrisil launches Carbon Xpress solution to fast-track emission data capture and reporting
Dubai, UAE: Travanleo, a leading ESG and sustainability technology company with offices in the UAE and India, today announced the launch of Carbon Xpress, a purpose-built solution on its flagship platform Ecodrisil ESG Xpress, for enterprises that need to quickly capture, compute, and report greenhouse gas (GHG) emissions. Designed to simplify and accelerate emission disclosures, Carbon Xpress enables organizations to respond swiftly to RFPs, supplier qualification programs, investor queries, and climate-linked financing needs. The solution empowers teams to generate audit-ready carbon reports aligned with globally recognized standards without the complexity, manual effort, or delays typically involved in ESG processes. 'Many enterprises face urgent requests for carbon data, whether during bidding for large contracts, supplier assessments, or while securing green financing. Carbon Xpress addresses this very need with speed, accuracy, and compliance,' said Mr. Sandeep Nair, Global Business Head at Ecodrisil. He added 'With Carbon Xpress, we enable organizations to act decisively, present credible climate data, and build trust with stakeholders'. Powered by ESGAI® – Making Carbon Reporting Simpler and Smarter Carbon Xpress is powered by ESGAI®, Ecodrisil's natively integrated AI Co-pilot, which simplifies the entire lifecycle of carbon emission reporting, from data collection to validation and automated report curation and drafting. This ensures faster turnaround and higher confidence in disclosures, even under tight timelines. Key Features of Carbon Xpress Quick Data Onboarding: Guided workflows for rapid emission data collection from internal systems and value chain partners Automated Computation: Built-in emission factors and calculators across Scope 1, 2, and select Scope 3 categories Standards-Aligned Reports: Generate reports aligned with GHG Protocol, CDP, and other investor-preferred frameworks Export-Ready Outputs: Submission-ready documents tailored for RFPs, due diligence, or regulatory filings Early Momentum and Industry Use Cases Carbon Xpress is already seeing traction across sectors. Current implementations include: A global technology company headquartered in Europe, is using Carbon Xpress to generate Scope 1 and 2 emission disclosures as part of a high-value RFP submission. A leading chemical manufacturing group in the GCC region, integrating the solution to meet growing supplier evaluation and ESG scoring requirements from international buyers. Both companies selected Carbon Xpress for its ability to deliver rapid, standards-compliant reporting within tight timelines, with implementations currently underway. For more information, please visit: About Ecodrisil Ecodrisil ESG Xpress is an AI-powered integrated platform that simplifies and automates sustainability, ESG, and emissions management for enterprises at any stage of their journey. By unifying data, streamlining workflows, and replacing manual processes, it enables faster and more accurate ESG reporting and emissions reduction. The platform is trusted by 20+ organizations and built by Travanleo Info Solutions, a company with over a decade of expertise in Cloud, AI, and sustainability software.
Zawya
4 hours ago
- Zawya
Tech Mahindra and Coresight Research release report highlighting key global trends for building the 'Store of the Future'
Pune – Tech Mahindra (NSE: TECHM), a leading global provider of technology consulting and digital solutions to enterprises across industries, in collaboration with Coresight Research, a leading research and advisory firm specializing in retail and technology, unveiled a global survey report titled ' Store of the Future: Unlocking Performance Through Innovation.' The report provides timely, data-backed insights into how retailers are modernizing their in-store operations by focusing on unifying the shopper journey, enhancing the shopper experience, optimizing labor productivity, and maximizing store sales - the four pillars of building the 'Store of the Future.' The report defines the store of the future as a technology-enabled, data-integrated retail environment designed to elevate customer journey while driving back-end efficiency. Based on a survey of 360 retail decision-makers across North America and Europe, the findings highlight how leading retailers are turning to technology to solve core operational challenges, from ineffective store management to inventory inaccuracies - with 92% actively investing in tools to enhance in-store operations. Sampath Saagi, Head of Diverse Industry Verticals Group (DIG), Americas, Tech Mahindra, said, 'The 'Store of the Future' is more than just a connected space, it's a dynamic, data-driven environment where seamless customer experiences meet operational efficiency. This report envisions equipping retailers with actionable insights and a practical roadmap to navigate their transformation journey - helping them identify where to invest, improve store performance, and deliver greater value to customers. Through our collaboration with Coresight Research, we aim to empower the industry with data-led strategies for building smarter, future-ready stores.' Key findings highlight an industry in transition: 92% of retailers are actively investing in technologies to boost in-store operations. 84% of respondents acknowledge persistent operational inefficiencies that affect margins and revenue. Enhancing shopper experience emerged as the top priority for 40% of retailers building future-ready stores. 57% are investing in advanced data analytics, making it the most widely adopted technology, while automated inventory tracking is seen as the most critical need. Retailers anticipate that technology will drive benefits, including improved product availability, greater automation, and real-time data insights. Automated inventory tracking is viewed as the most critical capability for future store operations. The top three benefits of technology adoption are greater product availability, increased automation, and access to real-time data. The report outlines that despite widespread optimism towards technologies, challenges remain, such as high implementation costs and data security concerns, that continue to slow adoption, underscoring the need for a phased, strategic approach to digital transformation. Deborah Weinswig, CEO and Founder of Coresight Research, said, 'Building the 'Store of the Future' goes beyond deploying isolated technologies; it requires a clear understanding of core operational challenges and a cohesive blueprint to solve them. Success hinges on aligning investments with both near-term performance goals and long-term scalability to create a true competitive edge.' The report provides global retailers a roadmap for building scalable, secure, and future-ready retail environments – 'Store of the Future.' For more information about Tech Mahindra's retail solutions, click here About Coresight Research Coresight Research is a research and advisory firm specializing in retail and technology. Established in 2018 by leading global retail analyst Deborah Weinswig, the firm is headquartered in New York, with offices in London, Lagos, Hong Kong, Shanghai and Mangalore (India). The firm provides data-driven analysis and strategic advisory to clients including retailers, brands, real estate owners, enterprise technology companies, accelerators and more. For more information, please visit About Tech Mahindra Tech Mahindra (NSE: TECHM) offers technology consulting and digital solutions to global enterprises across industries, enabling transformative scale at unparalleled speed. With 148,000+ professionals across 90+ countries helping 1100+ clients, Tech Mahindra provides a full spectrum of services including consulting, information technology, enterprise applications, business process services, engineering services, network services, customer experience & design, AI & analytics, and cloud & infrastructure services. It is the first Indian company in the world to have been awarded the Sustainable Markets Initiative's Terra Carta Seal, which recognizes global companies that are actively leading the charge to create a climate and nature-positive future. Tech Mahindra is part of the Mahindra Group, founded in 1945, one of the largest and most admired multinational federation of companies. For more information on how TechM can partner with you to meet your Scale at Speed™ imperatives, please visit Our Social Media Channels For more information on Tech Mahindra, please contact: Abhilasha Gupta, Global Head – Corporate Communications & Public Affairs, Tech Mahindra Email: ;
