September 7, 2022 2:05 p.m.
Spam mails have evolved since the first one was sent back in 1978. The evolution spans the techniques, tactics, and latest trends that cybercriminals piggyback on to make their messages more legitimate-looking and urgent-sounding – an effective formula to prey upon an unsuspecting user.
One of Kaspersky’s elite researchers, Noushin Shabab, probed into the spam threat landscape in Asia Pacific (APAC) this year to answer – what if emails do not get opened?
Shabab, presenting to selected media from the region during Kaspersky’s 8th APAC Cyber Security Weekend, revealed that the region received 24% of the global malicious spam mails detected and blocked by Kaspersky solutions. This means one in four junk electronic messages were delivered to computers in APAC.
Noushin Shabab, Senior Security Researcher for Global Research and Analysis Team (GReAT) at Kaspersky
Malicious spam is not a technologically complex attack, but when done with sophisticated social engineering techniques, it poses a severe threat to individuals and enterprises alike. These junk mails are sent out in mass quantities by spammers and cybercriminals who are looking to do one or more of the following:
- Make money from the small percentage of recipients that actually respond to the message
- Run phishing scams – in order to obtain passwords, credit card numbers, bank account details, and more
- Spread malicious code onto recipients’ computers
In 2022, more than half (61.1%) of the malicious spam detected in the region targeted Kaspersky users from Vietnam, Malaysia, Japan, Indonesia, and Taiwan.
Shabab cited three main factors which cause the bulk of spam emails targeting APAC – its population, the high adoption of e-services, and the pandemic lockdowns.
The APAC region has almost 60% of the world’s population and this means that there are more potential victims for scammers here compared to other parts of the world. The extensive use of online services such as online shopping and other online platforms for day-to-day activities here also makes individuals more susceptible to falling victim to scams. There is also the lingering pandemic aftermath, which led to lockdowns and work-from-home setups in the region where people took their work computers home. Home networks are usually less protected from cyberattacks.
“Since 2018, the number of malicious spam mails detected by our solutions has seen a gradual decline after its peak in 2019. This, however, does not equate to our mailboxes being cleaner and safer. Our constant monitoring of the current and new Advanced Persistent Threats (APTs) operating in Asia Pacific showed that the majority of these notorious threat actors use targeted phishing called spear phishing to crack into an organization’s systems,” reveals Noushin Shabab, Senior Security Researcher for Global Research and Analysis Team (GReAT) at Kaspersky.
The most recent example of an APT targeting key entities in APAC through sophisticated malicious mails is the “Sidewinder” threat actor. Since October 2021, the Sidewinder threat actor has been using new malicious JS code with recently created C2 server domains. The attacker, also known as Rattlesnake or T-APT4, targets victims with spear-phishing emails containing malicious RTF and OOXML files.
Known for targeting military, defense and law enforcement agencies, foreign affairs, IT, and aviation entities in Central and South Asia, Sidewinder is considered one of the most prolific threat actors monitored in the APAC region. Kaspersky experts also recently found spear phishing documents which appear to be aimed at future targets in Singapore.
Some of the main characteristics of this threat actor that make it stand out among the others are the sheer number, high frequency and persistence of their attacks, and the large collection of encrypted and obfuscated malicious components used in their operations. Kaspersky experts, who have been monitoring Sidewinder since 2012, have detected over a thousand spear phishing attacks by this APT actor since October 2020.
Sidewinder also continues to expand its victimology and to sharpen its phishing tactics.
For instance, to reduce the suspicion raised by some of their spear-phishing documents that had no text content, the group followed their first attempt to attack the victim – a spear-phishing email containing a malicious RTF exploit file – with another similar email, but in this case, the title of the malicious document was “_Apology Letter.docx”, and it contained some text explaining that the previous email was sent in error and that they are reaching out to apologize for that mistake.
“There are many more well-oiled APT groups like Sidewinder who are constantly upgrading their tools and tactics to target high-profile victims in APAC through believable spam and phishing emails. The implication for enterprises and government organizations here is that a single malicious email when clicked can crumble your most sophisticated defenses, and usually, APTs like Sidewinder just need one door to open, one machine to infect, and then it can hide and stay undetected for long,” Shabab adds.
APTs target any sensitive data; one doesn’t need to be a government agency, major financial institution, or energy company to become a victim.
The major danger of APT attacks is that even when they are discovered and the immediate threat appears to be gone, the hackers may have left multiple backdoors open that allow them to return when they choose. This increases the importance of guarding mailboxes – an entry point they usually exploit to gain a foothold in an organization’s networks.
Employees across all ranks need to be aware of the threats, such as the possibility of bogus emails landing in their inboxes. Besides education, technology that focuses on email security is necessary.
To be able to search for potential spear-phishing signs without diminishing the company’s actual security, Kaspersky suggests that private and public companies install protective anti-phishing solutions on mail servers as well as on employee workstations.
Enterprises should also utilize advanced security software that can detect sophisticated APT attacks.
For governments, Shabab suggests defining better spam regulations to curb spam risks. “Fewer spam emails from legitimate organizations means people are less used to receiving unexpected emails every day and are more vigilant when they are being targeted with malicious spear phishing emails,” she adds.
Kaspersky reports more than 340,000 attacks with new malicious WhatsApp mod
November 20, 2023 8:52 p.m.
Kaspersky researchers recently uncovered a new malicious WhatsApp spy mod, which is now proliferating within another popular messenger, Telegram.
While the modification serves its intended purpose by extending user experience, it also clandestinely harvests personal information from its victims. With an extensive reach surpassing 340,000 in just one month, this malware predominantly targets users who communicate in Arabic and Azeri, though victims have been identified globally.
Users often turn to third-party mods for popular messaging apps to add extra features. However, some of these mods, while enhancing functionality, also come with hidden malware. Kaspersky has identified a new WhatsApp mod offering not only additions like scheduled messages and customizable options, but it also contains a malicious spyware module.
The modified WhatsApp client’s manifest file includes suspicious components (a service and a broadcast receiver) not present in the original version. The receiver initiates a service, launching the spy module when the phone is powered on or charging. Once activated, the malicious implant sends a request with device information to the attacker’s server. This data covers IMEI, phone number, country and network codes, and more. It also transmits the victim’s contacts and account details every five minutes as well as being able to set up microphone recordings and exfiltrate files from external storage.
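The manifest comparison described above can be reproduced by a defender with a short script. This is an added example, not Kaspersky's tooling: it assumes both manifests have already been decoded to text XML, every component name in the sample data is constructed, and mapping "powered on or charging" to Android's standard `BOOT_COMPLETED` and `ACTION_POWER_CONNECTED` broadcasts is an assumption.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Standard Android broadcasts assumed to match "powered on or charging".
AUTOSTART = {
    "android.intent.action.BOOT_COMPLETED",
    "android.intent.action.ACTION_POWER_CONNECTED",
}
TAGS = ("service", "receiver")

def components(manifest_xml):
    """Map (tag, android:name) -> set of intent-filter actions it declares."""
    app = ET.fromstring(manifest_xml).find("application")
    found = {}
    for tag in TAGS:
        for node in app.iter(tag):
            actions = {a.get(ANDROID + "name") for a in node.iter("action")}
            found[(tag, node.get(ANDROID + "name"))] = actions
    return found

def added_components(official_xml, mod_xml):
    """Components present only in the mod, with any autostart triggers."""
    base, mod = components(official_xml), components(mod_xml)
    return [
        {"tag": tag, "name": name,
         "autostart": sorted(mod[(tag, name)] & AUTOSTART)}
        for (tag, name) in sorted(set(mod) - set(base))
    ]

# Constructed manifests; all component names are hypothetical.
HEADER = ('<manifest xmlns:android="http://schemas.android.com/apk/res/android">'
          "<application>")
FOOTER = "</application></manifest>"
SHARED = '<service android:name="com.example.im.MessageService"/>'
OFFICIAL = HEADER + SHARED + FOOTER
MOD = HEADER + SHARED + """
<service android:name="com.example.extra.SyncService"/>
<receiver android:name="com.example.extra.WakeReceiver">
  <intent-filter>
    <action android:name="android.intent.action.BOOT_COMPLETED"/>
    <action android:name="android.intent.action.ACTION_POWER_CONNECTED"/>
  </intent-filter>
</receiver>""" + FOOTER

if __name__ == "__main__":
    for item in added_components(OFFICIAL, MOD):
        print(item)
```

A receiver that exists only in the modified build and listens for boot or power events is the combination worth escalating for analysis; an added service alone is weaker evidence.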
The malicious version found its way through popular Telegram channels, predominantly targeting Arabic and Azeri speakers, with some of these channels boasting nearly two million subscribers. Kaspersky researchers alerted Telegram about the issue. Kaspersky’s telemetry identified over 340,000 attacks involving this mod in just October. This threat emerged relatively recently, becoming active in mid-August 2023.
Examples of Telegram channels distributing malicious mods
Azerbaijan, Saudi Arabia, Yemen, Turkey, and Egypt witnessed the highest attack rates. While the preference leans towards Arabic and Azerbaijani-speaking users, it also impacts individuals from the US, Russia, UK, Germany and beyond.
Kaspersky products detect the Trojan with the following verdict: Trojan-Spy.AndroidOS.CanesSpy.
“People naturally trust apps from highly followed sources, but fraudsters exploit this trust. The spread of malicious mods through popular third-party platforms highlights the importance of using official IM clients. However, if you need some extra features not presented in the original client, you should consider employing a reputable security solution before installing third-party software, as it will protect your data from being compromised. For robust personal data protection, always download apps from official app stores or official websites,” comments Dmitry Kalinin, security expert at Kaspersky.
To stay safe, Kaspersky experts recommend:
- Use official marketplaces: Download apps and software from reputable and official sources. Avoid third-party app stores, as the risk that they host malicious or compromised apps is higher.
- Use reputable security software: Install and maintain reputable antivirus and anti-malware software on your devices. Regularly scan your devices for potential threats and keep your security software up to date. Kaspersky Premium protects its users from known and unknown threats.
- Educate yourself about common scams: Stay informed about the latest cyber threats, techniques, and tactics. Be cautious of unsolicited requests, suspicious offers, or urgent demands for personal or financial information.
- Third-party software from popular sources often comes with zero warranty. Keep in mind that such apps can contain malicious implants, e.g. because of supply chain attacks.
Globe’s next-gen leaders delve into AI and humanity at International Design Conference
October 27, 2023 3:45 p.m.
Globe’s next generation leaders shared invaluable insights on the blend of Artificial Intelligence (AI) and the human experience at the 7th International Design Conference, an event that marked the 50th anniversary of the Design Center of the Philippines.
Returning with more disruptive design concepts and an immersive environment that encouraged attendees to rethink limits, the two-day conference, held in cooperation with Globe, unveiled the evolving landscape and transformative potential of design.
Design luminaries and game-changers from the design sector and the Philippine creative economy collaborated to captivate audiences with immersive keynote presentations, provocative fireside chats, inspiring case studies, future-focused visioning, and an industry meet-up.
Globe’s Wil Sarmiento, Director and Head of Customer Lifecycle, and Paolo Toledo, Director and Head of Creatives, stood out with their forward-thinking perspectives. They joined world-renowned personalities such as award-winning design critic and author Alice Rawsthorn; program director of the Danish Design Centre Christina Melander; Sarah Ichioka, founding director of Desire Lines; Dr. Anna Whicher, Policy Consultant of the “Making Design Count: The Value and Impact of Design on the Philippine Economy”; and Professor Daniela Bohlinger, Sustainability Design Pioneer.
Sarmiento delivered a keynote that delved into the future skills in the age of human-machine collaboration, underscoring the potential of a symbiotic relationship that harnesses the strengths of both.
“Being human is the greatest design of all. While technology provides efficient solutions, it simply answers ‘what’s right’ or ‘what’s needed’. BUT it’s us humans who trigger innovation and purpose. We hold the power to ask ‘what’s next?’ and more importantly, ‘what for?’” he said.
The International Design Conference, with its rich legacy of championing design innovation, is a thought leadership platform that celebrates the intersection of design, business, technology, and policy while thriving at the edge of disciplines to remain provocative and to use design and creativity to ask difficult questions and to take the audience to new territories.
Globe’s design leaders not only contributed to this dialogue but also illuminated the path forward, emphasizing a future where technology and human ingenuity seamlessly converge.
For more information about the International Design Conference and its key takeaways, please visit www.facebook.com/DTI.DesignCenterPH.
To learn more about Globe, go to https://www.globe.com.ph/.
LG honored with multiple awards for Innovative Product Design at IDEA 2023
September 4, 2023 3:11 p.m.
LG Electronics (LG) has once again been recognized for outstanding product design, earning 13 awards at the International Design Excellence Awards (IDEA) 2023, announced at the International Design Conference in New York, New York.
The LG PuriCare AeroTower, an air purifier that can also be used as a side table and mood lamp, was honored with a Bronze Award at yesterday’s conference. Offering personalized performance and design options, as well as a compact form factor, LG’s air purifier can be tailored to match any home interior and is ideal for smaller spaces. With its latest win, the LG PuriCare AeroTower has now been recognized by all three of the world’s top industrial design award programs: IDEA, the Red Dot Award and iF Design Award.
Another IDEA 2023 honoree, the LG OLED Flex (model LX3) is an innovative TV featuring the world’s first bendable 42-inch OLED screen. The LX3, which made its international debut at IFA last year, offers a new level of screen customizability – its self-lit display able to go from completely flat to spectacularly curved with the push of a button.
“The achievement from this year’s IDEA is the result of the synergy between customer experience-centered technology and aesthetics,” said Hwang Sung-gyul, head of the Design Management Center at LG Electronics. “We will continue to improve the level of perfection by reflecting innovative customer experiences beyond the existing framework in product design by constantly communicating and empathizing with customers.”
Organized annually by the Industrial Designers Society of America (IDSA), IDEA is one of the world’s leading design award programs, recognizing exceptional achievements in the area of industrial design while taking into consideration various factors relating to design strategy, digital interaction, the environment, and social impact, when selecting award recipients.
Life’s about more than having the latest technology, rather, it’s about the experiences technology creates that impact our lives. LG Electronics Philippines delivers consumer electronics through top-of-the-line home entertainment appliances that prepare Filipinos for their greatest moments. LG promises to bring “Innovation for a Better Life” nationwide – from Luzon, to Visayas, and Mindanao. LG products are available via lg.com/ph and through its flagship stores in Lazada and Shopee. For more information, visit and follow their social media channels on Facebook, Instagram, Tiktok and Youtube (@lgphilippines).