Kaspersky: new Rhysida ransomware and two other unknown threats

A recent report by Kaspersky has highlighted some threats that worry computer security experts quite a bit.

We are talking, for example, about the fearsome ransomware Rhysida. This, detected through Kaspersky telemetry data in May and operates as Ransomware-as-a-Service (RaaS), acting through an exclusive self-elimination mechanism. This malicious agent is characterized by being compatible with Windows 10 and with previous versions of the operating system Microsoft.

Rhysida is written in C++ and compiled with MinGW and shared libraries, the ransomware has already demonstrated a high level of adaptability, as the cybercriminals running it have already updated and improved it over the past few months.

No less dangerous is the stealer Lumbera multipurpose malicious tool, first appeared online in July 2023.

This malware displays impressive features, such as the acquisition of Telegram sessionsil theft of passwords and cookiesas well as the file recovery from infected computers. Among all the functions, one of the most dangerous is undoubtedly Lumar’s ability to steal cryptocurrencies kept in crypto wallets.

From Rhysida to GoPIX: all the recent threats discovered by Kaspersky

The third malicious agent identified by Kaspersky is called GoPIX. We are talking about a malware which is attributed to a first campaign in December 2023 and which focuses on payment systems PIX (mostly used in Brazil).

Its strategy begins when users search for “WhatsApp web” on search engines and are faced with misleading ads. Improperly using tools to locate Real IP dai botGoPIX can only collect potential victims, limiting the risk of analysis by security experts.

The malware, designed to steal and manipulate transaction data, once infected the device, gains access to it using a command and control server.

Per Jornt van der WielSenior Security Researcher at Kaspersky GReAT “As financial cyber threats increase, our commitment to protecting digital ecosystems remains steadfast“.

The same expert then continued by stating “We closely follow the evolving cyber threat landscape, creating security solutions to proactively thwart attacks. To ensure security, we strongly encourage the adoption of a robust cybersecurity strategy that effectively mitigates these threats“.


Please enter your comment!
Please enter your name here