Latest news with #CyberSecurityWeekend
Channel Post MEA
03-06-2025
- Business
- Channel Post MEA
Kaspersky Discovers Malware Targeting Fintech Platforms
At its annual Cyber Security Weekend for the Middle East, Turkiye and Africa (META) region, Kaspersky revealed the discovery of GriffithRAT – a new and highly sophisticated malware used in campaigns targeting fintech companies, online trading platforms, and Forex exchange services worldwide, with victims in the UAE, Egypt, Turkiye, and South Africa. Distributed via Skype and Telegram channels, GriffithRAT is typically disguised as files containing financial trend analysis or investment advice. These deceptive tactics target both organizations and individual traders who unknowingly download the malware. Once downloaded, it enables attackers to steal login credentials, capture screenshots/webcam stream, log keystrokes, and monitor user activity. The stolen data can be exploited in a variety of ways, ranging from gathering competitive business intelligence to tracking individuals or valuable assets – highlighting the broad potential for misuse. Kaspersky researchers have been monitoring GriffithRAT for over a year and link it to cyber mercenary operations, where threat actors are contracted by third parties to conduct targeted attacks – often driven by motives such as corporate espionage. This connection is reinforced by technical analysis, which shows strong similarities between GriffithRAT and DarkMe intrusions, a known remote access Trojan (RAT) commonly used in mercenary-led cyber campaigns. 'This discovery highlights the growing sophistication and commercialization of cyberthreats,' said Maher Yamout, Lead Security Researcher at Kaspersky. 'GriffithRAT is not the work of random hackers, it is a maintained piece of malware and part of a broader trend where cyber mercenaries are hired to collect sensitive information, often for financial or strategic advantage. The data harvested could offer visibility into the inner workings of major organizations, provide unethical competitive advantage, and may also be sold on the dark web. It is a reminder that in today's threat landscape, cybercrime is increasingly professional, targeted, and persistent.' To stay protected, Kaspersky advises individuals to: Be attentive to the files you download, check them with reputable cybersecurity software, such as Kaspersky Premium for individual users and Kaspersky Next for businesses, that helps detect complex threats, respond automatically, and manage security across all devices, networks, and cloud systems from one place. Be extra cautious when dealing with social media and instant messaging apps; hackers use such mediums to deliver malware in addition to the common phishing emails. Use Kaspersky Threat Intelligence to go beyond the malware and understand the threat actors behind it. By combining diverse data sources and expert research, the portal offers actionable insights – giving access to tactical, operational, and strategic intelligence to stay secure in a dynamic threat landscape. Improve your and your employees' security awareness on a regular basis and encourage safe practices, such as proper account protection. 0 0
Fintech News ME
03-06-2025
- Business
- Fintech News ME
Kaspersky Uncovers GriffithRAT Malware Targeting Global Fintech Sector
At its annual Cyber Security Weekend for the Middle East, Türkiye, and Africa (META) region, Kaspersky announced the discovery of GriffithRAT, a newly identified and sophisticated piece of malware. This tool has been used in cyber campaigns targeting fintech firms, online trading platforms, and foreign exchange services across the globe, with confirmed victims in the UAE, Egypt, Türkiye, and South Africa. The malware is distributed via Skype and Telegram, typically disguised as documents containing financial trend analyses or investment advice. These deceptive files are aimed at both corporate entities and individual traders, who may unknowingly install the malware. Once active on a device, GriffithRAT enables attackers to extract login credentials, take screenshots or webcam footage, record keystrokes, and monitor user activity. This information can then be exploited for various purposes, including corporate espionage and the tracking of individuals or valuable assets. Kaspersky researchers have been monitoring GriffithRAT for over a year and believe it is associated with cyber mercenary activity, where threat actors are contracted to carry out targeted attacks, often with financial or strategic motives. Technical analysis shows notable similarities between GriffithRAT and previous intrusions involving DarkMe, a known remote access trojan commonly used in mercenary-led cyber operations. 'This discovery highlights the growing sophistication and commercialisation of cyberthreats,' said Maher Yamout, Lead Security Researcher at Kaspersky. 'GriffithRAT is not the work of random hackers, it is a maintained piece of malware and part of a broader trend where cyber mercenaries are hired to collect sensitive information, often for financial or strategic advantage. The data harvested could offer visibility into the inner workings of major organisations, provide unethical competitive advantage, and may also be sold on the dark web. It is a reminder that in today's threat landscape, cybercrime is increasingly professional, targeted, and persistent.' To mitigate risks, Kaspersky recommends individuals exercise caution when downloading files, particularly from messaging platforms and social media, and to verify them with reliable cybersecurity tools. Users and organisations are encouraged to improve their awareness of cyber threats through regular training and to adopt safe digital practices, such as securing accounts with strong authentication measures. Additionally, tools like Kaspersky Threat Intelligence may help organisations better understand not just the malware, but the actors behind it, by offering access to a broad range of intelligence insights.
Express Tribune
24-05-2025
- Business
- Express Tribune
Pakistan among least affected by web threats
Listen to article At its annual Cyber Security Weekend for the Middle East, Turkiye and Africa (META) region, the Kaspersky Global Research and Analysis Team presented cybersecurity trends, including ransomware, advanced persistent threats (APTs), supply chain attacks, mobile threats, artificial intelligence and IoT developments. The first quarter of 2025 showed that Turkiye and Kenya had the highest number of users affected by web incidents (online threats). They were followed by Qatar, Nigeria and South Africa. Saudi Arabia had the lowest while Pakistan had the second lowest share of users attacked by web-born threats in the META region. Kaspersky experts constantly track highly sophisticated attacks. Specifically, they are monitoring 25 APT groups currently active in the META region, including well-known ones such as SideWinder, Origami Elephant and MuddyWater. The rise of creative exploits for mobile and the further development of techniques aimed at evading detection are among the trends Kaspersky is seeing in these targeted attacks. Ramsomware remains one of the most destructive cyberthreats. According to Kaspersky data, the share of users affected by ransomware attacks increased 0.02 percentage point to 0.44% from 2023 to 2024 globally. In the Middle East, the growth is 0.07 percentage point to 0.72%, in Africa, there was a 0.01-percentage-point growth to 0.41% while Turkiye has a zero-percentage-point growth to 0.46%. Attackers often don't distribute this type of malware on a mass scale, but prioritise high-value targets. In 2025, ransomware is expected to evolve by exploiting unconventional vulnerabilities. The proliferation of large language models (LLMs) tailored for cybercrime will further amplify the ransomware's reach and impact. "Ransomware is one of the most pressing cybersecurity threats facing organisations today, with attackers targeting businesses of all sizes and across every region, including META. Ransomware groups continue to evolve by adopting techniques, such as developing cross-platform ransomware, embedding self-propagation capabilities and even using zero-day vulnerabilities that were previously affordable only for APT actors," said Sergey Lozhkin, Head of META and APAC regions in the Global Research and Analysis Team at Kaspersky.
