Date: 2025-08-21

In the landscape of cybersecurity and technology, Kaspersky’s recent reports highlight critical developments in cyber threats and the growing role of artificial intelligence in everyday applications.

From sophisticated malware campaigns targeting financial institutions to the resurgence of a notorious backdoor and the underutilized potential of AI in travel planning, Kaspersky’s insights offer a window into the challenges and opportunities shaping our digital environment.

Kaspersky’s Global Research and Analysis Team (GReAT) has uncovered a new remote access Trojan (RAT) dubbed “DarkMe,” which is infiltrating financial institutions through Skype Messenger.

This malware, linked to the infamous DeathStalker APT group, a hack-for-hire operation active since at least 2018, is designed to steal sensitive data and execute remote commands.

The campaign primarily targets fintech and trading sectors, leveraging Telegram channels to distribute the malware.

DarkMe’s sophisticated tactics include post-compromise cleanup to evade detection, such as deleting deployment files and inflating file sizes to hinder analysis.

Kaspersky advises heightened vigilance when using instant messaging apps like Skype and Telegram, emphasizing the need for robust endpoint detection and response (EDR) solutions to counter such threats.

This discovery underscores the growing audacity of cybercriminals exploiting trusted platforms for espionage and financial gain.

In another seemingly alarming development, Kaspersky, in collaboration with BI.ZONE Vulnerability Research, has reported renewed activity of the PipeMagic backdoor, first identified in 2022 during a RansomExx campaign targeting Southeast Asian industrial firms.

This plugin-based Trojan, which functions as both a backdoor and a network gateway, has expanded its reach to Saudi Arabia and Brazil, particularly targeting manufacturing companies.

The 2025 attacks exploit a Microsoft vulnerability (CVE-2025-29824), one of 121 patched in April 2025, to infiltrate systems.

A fake ChatGPT application, built with Rust and using the Tokio and Tauri frameworks, serves as the lure, concealing a 105,615-byte encrypted payload.

The malware’s enhancements improve persistence and enable lateral movement within networks, exploiting zero-day vulnerabilities in drivers like clfs.sys for privilege escalation.

Kaspersky recommends EDR tools and cautious software downloading practices to mitigate these risks, as the backdoor’s operators continue to refine their tactics for broader impact.

Shifting gears to consumer technology, Kaspersky’s survey reveals that only 28% of travelers use AI to plan trips, despite over 90% of users reporting satisfaction with AI-generated itineraries.

Conducted among 2,000 adults in the UK, the survey highlights AI’s ability to tailor travel plans based on preferences, budget, and schedules, often outperforming traditional travel agents in cost-effectiveness and personalization.

Younger travelers (18–24) are more likely to embrace AI, with 41% using it compared to just 17% of those over 55.

However, concerns about data privacy and a preference for human expertise deter wider adoption.

Kaspersky suggests that as AI tools become more integrated into travel platforms, their role will grow, offering seamless, budget-friendly planning options for tech-savvy explorers.

Kaspersky also warns of a 3.3% increase in phishing link clicks in Q2 2025, totaling over 142 million, driven by AI-enhanced deception techniques.

These attacks now exploit biometric data and digital signatures, posing risks to identity verification systems.

AI-generated deepfakes and synthetic identities make phishing harder to detect, with attackers using legitimate cloud services to mask malicious activities.

Kaspersky data shows a shift toward targeting biometric authentication, urging organizations to adopt multi-factor authentication and advanced threat detection to combat these evolving threats.

Kaspersky’s findings paint a dual picture: a world where cyber threats are growing in sophistication, exploiting trusted platforms and vulnerabilities, and where AI’s potential remains untapped in areas like travel planning.

For businesses, deploying EDR solutions and staying vigilant against social engineering are critical.

For consumers, embracing AI cautiously while prioritizing data security can potentially unlock new efficiencies.

As cybercriminals and technology evolve, Kaspersky’s insights may be useful in staying secure in an increasingly digital environment.