May 05, 2023
AVLab: Acronis True Image scores best remediation time, 100% detection rate in independent evaluation
AVLab, an AMTSO member and independent testing laboratory based in Poland, evaluated Acronis True Image in their March 2023 test series. We’re pleased to announce that our solution landed in the top three tested products with regard to the "pre-launch score" — measuring malware detection rates before execution — and took the top spot in remediation speed with a time of only four seconds.
May 04, 2023
Raccoon Stealer: A popular and dangerous threat
Raccoon Stealer, also known as Mohazo or Racealer, is an info-stealer malware that first appeared in 2019 and is available as malware-as-a-service (MaaS). It has already infected over 100,000 devices in the wild, across organizations and individuals, and became one of the most-mentioned attacks on underground forums.
April 28, 2023
Malware with a “Money Message”
The purpose of Money Message ransomware is to encrypt files on a targeted computer, rendering the victim's system unusable. It was first reported on Twitter by the Zscaler ThreatLabZ research team.
April 26, 2023
Maui: An active and dangerous data wiper
Maui is a wiper that is designed to delete or overwrite data on a computer or digital device, causing damage and disrupting operations. This malware was first discovered by the FBI in May 2021, and is presumed to have been developed under the guidance of North Korea.
March 29, 2023
SwiftSlicer: A simple yet dangerous data wiper
On January 25, 2023, ESET Research found a new data wiper in the network of Ukrinform, Ukraine’s national news agency. Later, the Computer Emergency Response Team of Ukraine (CERT-UA) added that as of January 27, five additional, different malware samples were spotted in the network.
March 06, 2023
IcedID (BokBot): From banking trojan to backdoor
IcedID, also known as BokBot, was initially a banking trojan when it was discovered in 2017. Now it is mostly used as an initial access broker for other malware. This malware typically uses malicious email attachments to infect victims' machines. It has been known to use various types of attachments — such as archives, Word and Excel files — but the latest attacks used OneNote files.
February 13, 2023
CaddyWiper makes Windows machines unusable
CaddyWiper is an example of data-wiping malware, whose purpose is to corrupt the operating system and leave the targeted device unusable. It was first spotted in Ukraine in mid-March 2022 by the ESET research team.
February 06, 2023
DoubleZero: A data wiper deployed against Ukraine
The DoubleZero wiper — so named for its tactic of zeroing files — was first discovered on March 17, 2022 by CERT-UA (the Computer Emergency Response Team of Ukraine). The malware was designed to wipe out system files, non-system files and entire registry branches, and was spread by spear-phishing emails with an attached ZIP that contains the malware file.
February 02, 2023
Vawtrak: A banking trojan with a long history
Vawtrak is a banking trojan — a form of malware that attempts to steal credentials from banks. It spreads via phishing emails and spam emails that contain a malicious document, loaded with a macro. The primary targets of this malware are banks and insurance companies, mainly in Germany.
January 05, 2023
Royal ransomware’s actors make high demands
Royal ransomware was first spotted in January 2022, targeting different corporations. This group does not provide ransomware-as-a-service. The attackers demand figures ranging from $250,000 to over $2 million from their victims.
December 27, 2022
AV-Comparatives: Acronis Cyber Protect certified an Advanced Threat Prevention product for enterprise
Acronis Cyber Protect with the Advanced Security pack successfully passed the rigorous test criteria established by AV-Comparatives for their Advanced Threat Protection test, and was certified as an advanced threat prevention solution recommended for use by any business, including enterprise-level companies.
December 09, 2022
KmsdBot: DDoS and cryptomining combined
On November 10, 2022, the Akamai Security Intelligence Response Team published an article describing the newly spotted KmsdBot, which infected their honeypot. Gaming company FiveM, which provides software for GTA V for hosting custom private servers (and happens to be Akamai’s client), became the first victim. During their investigation, researchers found many samples that were built for different architectures.