Latest news with #MaherYamout


Channel Post MEA
03-06-2025
- Business
- Channel Post MEA
Kaspersky Discovers Malware Targeting Fintech Platforms
At its annual Cyber Security Weekend for the Middle East, Turkiye and Africa (META) region, Kaspersky revealed the discovery of GriffithRAT – a new and highly sophisticated malware used in campaigns targeting fintech companies, online trading platforms, and Forex exchange services worldwide, with victims in the UAE, Egypt, Turkiye, and South Africa. Distributed via Skype and Telegram channels, GriffithRAT is typically disguised as files containing financial trend analysis or investment advice. These deceptive tactics target both organizations and individual traders who unknowingly download the malware. Once downloaded, it enables attackers to steal login credentials, capture screenshots/webcam stream, log keystrokes, and monitor user activity. The stolen data can be exploited in a variety of ways, ranging from gathering competitive business intelligence to tracking individuals or valuable assets – highlighting the broad potential for misuse. Kaspersky researchers have been monitoring GriffithRAT for over a year and link it to cyber mercenary operations, where threat actors are contracted by third parties to conduct targeted attacks – often driven by motives such as corporate espionage. This connection is reinforced by technical analysis, which shows strong similarities between GriffithRAT and DarkMe intrusions, a known remote access Trojan (RAT) commonly used in mercenary-led cyber campaigns. 'This discovery highlights the growing sophistication and commercialization of cyberthreats,' said Maher Yamout, Lead Security Researcher at Kaspersky. 'GriffithRAT is not the work of random hackers, it is a maintained piece of malware and part of a broader trend where cyber mercenaries are hired to collect sensitive information, often for financial or strategic advantage. The data harvested could offer visibility into the inner workings of major organizations, provide unethical competitive advantage, and may also be sold on the dark web. It is a reminder that in today's threat landscape, cybercrime is increasingly professional, targeted, and persistent.' To stay protected, Kaspersky advises individuals to: Be attentive to the files you download, check them with reputable cybersecurity software, such as Kaspersky Premium for individual users and Kaspersky Next for businesses, that helps detect complex threats, respond automatically, and manage security across all devices, networks, and cloud systems from one place. Be extra cautious when dealing with social media and instant messaging apps; hackers use such mediums to deliver malware in addition to the common phishing emails. Use Kaspersky Threat Intelligence to go beyond the malware and understand the threat actors behind it. By combining diverse data sources and expert research, the portal offers actionable insights – giving access to tactical, operational, and strategic intelligence to stay secure in a dynamic threat landscape. Improve your and your employees' security awareness on a regular basis and encourage safe practices, such as proper account protection. 0 0


Fintech News ME
03-06-2025
- Business
- Fintech News ME
Kaspersky Uncovers GriffithRAT Malware Targeting Global Fintech Sector
At its annual Cyber Security Weekend for the Middle East, Türkiye, and Africa (META) region, Kaspersky announced the discovery of GriffithRAT, a newly identified and sophisticated piece of malware. This tool has been used in cyber campaigns targeting fintech firms, online trading platforms, and foreign exchange services across the globe, with confirmed victims in the UAE, Egypt, Türkiye, and South Africa. The malware is distributed via Skype and Telegram, typically disguised as documents containing financial trend analyses or investment advice. These deceptive files are aimed at both corporate entities and individual traders, who may unknowingly install the malware. Once active on a device, GriffithRAT enables attackers to extract login credentials, take screenshots or webcam footage, record keystrokes, and monitor user activity. This information can then be exploited for various purposes, including corporate espionage and the tracking of individuals or valuable assets. Kaspersky researchers have been monitoring GriffithRAT for over a year and believe it is associated with cyber mercenary activity, where threat actors are contracted to carry out targeted attacks, often with financial or strategic motives. Technical analysis shows notable similarities between GriffithRAT and previous intrusions involving DarkMe, a known remote access trojan commonly used in mercenary-led cyber operations. 'This discovery highlights the growing sophistication and commercialisation of cyberthreats,' said Maher Yamout, Lead Security Researcher at Kaspersky. 'GriffithRAT is not the work of random hackers, it is a maintained piece of malware and part of a broader trend where cyber mercenaries are hired to collect sensitive information, often for financial or strategic advantage. The data harvested could offer visibility into the inner workings of major organisations, provide unethical competitive advantage, and may also be sold on the dark web. It is a reminder that in today's threat landscape, cybercrime is increasingly professional, targeted, and persistent.' To mitigate risks, Kaspersky recommends individuals exercise caution when downloading files, particularly from messaging platforms and social media, and to verify them with reliable cybersecurity tools. Users and organisations are encouraged to improve their awareness of cyber threats through regular training and to adopt safe digital practices, such as securing accounts with strong authentication measures. Additionally, tools like Kaspersky Threat Intelligence may help organisations better understand not just the malware, but the actors behind it, by offering access to a broad range of intelligence insights.


Business Recorder
30-05-2025
- Business
- Business Recorder
Highly sophisticated malware used in campaigns discovered
ISLAMABAD: A global cybersecurity company has discovered a new and highly sophisticated malware used in campaigns targeting fintech companies, online trading platforms and firms worldwide. According to the report released by Kaspersky on Thursday, distributed via Skype and Telegram channels, GriffithRAT is typically disguised as files containing financial trend analysis or investment advice. These deceptive tactics target both organizations and individual traders who unknowingly download the malware. Once downloaded, it enables attackers to steal login credentials, capture screenshots/webcam stream, log keystrokes, and monitor user activity. The stolen data can be exploited in a variety of ways, ranging from gathering competitive business intelligence to tracking individuals or valuable assets – highlighting the broad potential for misuse. Kaspersky researchers have been monitoring GriffithRAT for over a year and link it to cyber mercenary operations, where threat actors are contracted by third parties to conduct targeted attacks - often driven by motives such as corporate espionage. This connection is reinforced by technical analysis, which shows strong similarities between GriffithRAT and DarkMe intrusions, a known Remote Access Trojan (RAT) commonly used in mercenary-led cyber campaigns. 'This discovery highlights the growing sophistication and commercialization of cyberthreats,' said Maher Yamout, Lead Security Researcher at Kaspersky. 'GriffithRAT is not the work of random hackers, it is a maintained piece of malware and part of a broader trend where cyber mercenaries are hired to collect sensitive information, often for financial or strategic advantage. The data harvested could offer visibility into the inner workings of major organizations, provide unethical competitive advantage, and may also be sold on the dark web. It is a reminder that in today's threat landscape, cybercrime is increasingly professional, targeted, and persistent.' To stay protected, Kaspersky advises individuals to be attentive to the files you download, check them with reputable cybersecurity software, such as Kaspersky Premium for individual users and Kaspersky Next for businesses, that helps detect complex threats, respond automatically, and manage security across all devices, networks, and cloud systems from one place. Be extra cautious when dealing with social media and instant messaging apps; hackers use such mediums to deliver malware in addition to the common phishing emails. Copyright Business Recorder, 2025


Tahawul Tech
28-05-2025
- Business
- Tahawul Tech
Kaspersky uncovers sophisticated malware targeting online trading platforms
Kaspersky revealed the discovery of GriffithRAT – a new and highly sophisticated malware used in campaigns targeting fintech companies, online trading platforms, and Forex exchange services worldwide, with victims in the UAE, Egypt, Turkiye, and South Africa. Distributed via Skype and Telegram channels, GriffithRAT is typically disguised as files containing financial trend analysis or investment advice. These deceptive tactics target both organisations and individual traders who unknowingly download the malware. Once downloaded, it enables attackers to steal login credentials, capture screenshots/webcam stream, log keystrokes, and monitor user activity. The stolen data can be exploited in a variety of ways, ranging from gathering competitive business intelligence to tracking individuals or valuable assets – highlighting the broad potential for misuse. Kaspersky researchers have been monitoring GriffithRAT for over a year and link it to cyber mercenary operations, where threat actors are contracted by third parties to conduct targeted attacks – often driven by motives such as corporate espionage. This connection is reinforced by technical analysis, which shows strong similarities between GriffithRAT and DarkMe intrusions, a known remote access Trojan (RAT) commonly used in mercenary-led cyber campaigns. 'This discovery highlights the growing sophistication and commercialisation of cyberthreats', said Maher Yamout, Lead Security Researcher at Kaspersky. 'GriffithRAT is not the work of random hackers, it is a maintained piece of malware and part of a broader trend where cyber mercenaries are hired to collect sensitive information, often for financial or strategic advantage. The data harvested could offer visibility into the inner workings of major organisations, provide unethical competitive advantage, and may also be sold on the dark web. It is a reminder that in today's threat landscape, cybercrime is increasingly professional, targeted, and persistent'. To stay protected, Kaspersky advises individuals to: Be attentive to the files you download, check them with reputable cybersecurity software, such as Kaspersky Premium for individual users and Kaspersky Next for businesses, that helps detect complex threats, respond automatically, and manage security across all devices, networks, and cloud systems from one place. Be extra cautious when dealing with social media and instant messaging apps; hackers use such mediums to deliver malware in addition to the common phishing emails. Use Kaspersky Threat Intelligence to go beyond the malware and understand the threat actors behind it. By combining diverse data sources and expert research, the portal offers actionable insights – giving access to tactical, operational, and strategic intelligence to stay secure in a dynamic threat landscape. Improve your and your employees' security awareness on a regular basis and encourage safe practices, such as proper account protection. Image Credit: Stock Image


Channel Post MEA
12-05-2025
- Business
- Channel Post MEA
Significant Rise In Targeted Ransomware Activity
Kaspersky experts have reported a significant rise in targeted ransomware activity at GISEC Global 2025, with the number of active ransomware groups increasing by 35% between 2023 and 2024 – reaching 81 groups globally. Despite this surge, the number of infected victims dropped by 8% during the same period, reaching an estimated 4,300 victims worldwide. The UAE, South Africa, Saudi Arabia, and Turkiye emerged as the most frequently targeted countries in the region. According to Kaspersky research of data leak sites of targeted ransomware groups, the number of ransomware groups continued to rise for the second consecutive year, despite two major disruptions targeting LockBit and BlackCat in 2024 – indicating that such attacks remain highly lucrative for cybercriminals. Targeted ransomware groups use techniques such as exploiting vulnerable internet-exposed services, social engineering, and leveraging traded initial access on the dark web to infiltrate victims. There is also growing evidence also suggests increased collaboration among these groups, including the exchange of malware and hacking tools to achieve their objectives. His Excellency Dr. Mohamed Al Kuwaiti, Head of Cybersecurity for the UAE Government, affirmed: 'In light of the accelerating pace of cyberattacks globally, it has become imperative to adopt proactive policies that leverage artificial intelligence and advanced analytics to detect threats and respond to them effectively'. He emphasized the importance of GISEC Global 2025 at this critical time and its role in bringing together cybersecurity experts, specialists, and leaders to showcase and discuss evolving threats. The event serves as a vital platform for enhancing collaboration and developing innovative, forward-looking solutions to ensure a secure cyber environment that supports sustainable development and the digital economy. Maher Yamout, Lead Security Researcher for the Middle East, Turkiye and Africa at Kaspersky, suggest some plans to protect institutions. He said: 'By identifying and securing your corporate network's entry points and understanding the tactics used by ransomware groups, companies can better protect their digital assets against targeted ransomware attacks. Failing to address both aspects, significantly increases a company's vulnerability.' To help organizations strengthen their defenses, Kaspersky recommends the following: Employee education and cybersecurity training is necessary as human error is a common cause for cybersecurity breach and can serve as an initial point of access for ransomware attacks. The Kaspersky Threat Intelligence is an essential tool which provides in-depth threat intelligence and real-time insights on the history, motivations and operations of targeted ransomware groups. In addition, Kaspersky's Digital Footprint Intelligence monitors external threats for companies' assets in Surface, Deep and Dark web, strengthening defense against credential leaks. Keep all devices and systems updated to prevent attackers from exploiting known vulnerabilities. Set up offline backups that intruders cannot misuse, and make sure you can access it quickly in an emergency. Kaspersky's multi-layered, next generation protection detects ransomware at both the delivery stage and execution stage of the attack. Kaspersky Next , which combines exploit prevention, behavior-based detection, and a powerful remediation engine capable of rolling back malicious actions. It also features built-in self-defense mechanisms to prevent tampering or removal by attackers. 0 0