New spyware strain steals data from Russian industrial companies | The Record from Recorded Future News

Hackers are targeting Russia’s industrial sector with a new spyware strain that steals sensitive internal documents, local researchers warned.

The campaign, which began in July 2024 and remains active, uses phishing emails disguised as fake contracts. Victims are urged to download a file via a malicious link, which infects their systems with previously unknown spyware dubbed Batavia, according to a new report by Moscow-based cybersecurity firm Kaspersky. The spyware also takes periodic screenshots and collects system information such as installed software, all of which is sent to a remote server controlled by the attackers.

Kaspersky said the campaign has already affected over 100 victims across several dozen Russian organizations, but did not disclose the specific targets. The firm has not attributed the operation to a specific threat actor, though the hackers’ tactics and targets suggest possible involvement of state-sponsored groups or organized cybercriminals.

The Batavia campaign is one of the latest in a string of cyber operations against Russian organizations. In February, local researchers reported a large-scale information-stealing campaign involving the Nova malware. Around the same time, Russian cybersecurity firm F.A.C.C.T. linked a separate wave of attacks against the country’s chemical, food and pharmaceutical industry to a suspected state-backed group known as Rare Wolf, which has been active since 2018. In December, Kaspersky also reported that Russian businesses using unlicensed corporate software were being targeted with RedLine, a widely used information stealer distributed via local online forums frequented by accountants and entrepreneurs.

Analysts previously warned that the recent spike in cyberespionage activity may be linked to escalating geopolitical tensions and increased targeting of critical sectors in both Russia and Ukraine.

This Cyber News was published on therecord.media. Publication date: Tue, 08 Jul 2025 13:45:13 +0000

