Cyber-Threat Report regarding December 2020 cyber attacks in Italy

Available new December 2020 Report on Cyber threats and attacks in Italy by TG Soft's Anti-Malware Research Center


Overview of threats in Italy in December

In December, the arrest of two italian people, involved in an internal cyber espionage attack at Leonardo S.p.A. that took place between May 2015 and January 2017, caused a stir. The cyber-espionage attack was reportedly carried out through a RAT with exfiltration of no less than one hundred thousand files, totaling more than 10 GB of stolen data.
Leonardo S.p.A.'s black month continued with a ransomware attack that took place on Dec. 4, against the  Kopter Group company belonging to Leonardo Company. The cyber-criminal group behind the LockBit ransomware claimed the attack.
Emotet returned to strike over the Christmas vacations. AgentTesla, LokiBot, and Ursnif campaigns continued.

Ursnif was very active with numerous campaigns in December. This month saw ransomware attacks continued, many of them carried via RDP or VPN. Among them we can count Phobos, Makop, and Ranzy Locker.



To keep up to date with TG Soft news , please subscribe to the newsletter 

Integrate the defense of your PC/ SERVER to detect attacks from actually circulating viruses/malware


We report that all really circulating viruses/malware are identified and, in many cases, even removed by Vir.IT eXplorer Lite -FREE Edition- thanks to the following special features:
  • freely usable in both private and corporate environments with Engine+Signature updates without time limitation;
  • Interoperable with any other AntiVirus, AntiSpyware, AntiMalware or Internet Security already present on PCs and SERVERs.We recommend to use it as a supplement to the AntiVirus already in use as it does not conflict or slow down the system but allows to significantly increase security in terms of identification and remediation of infected files;
  • Identifies and, in many cases, even removes most of the actual circulating viruses/malware or, alternatively, allows them to be sent to the C.R.A.M. Anti-Malware Research Centert for further analysis to update Vir.IT eXplorer;
  • Through Intrusion Detection technology, also made available in the Lite version of Vir.IT eXplorer, the software is able to report any new-generation viruses/malware that have set in automatically and proceed to send the reported files to TG Soft's C.R.A.M..
  • Proceed to  download Vir.IT eXplorer Lite from the official distribution page of TG Soft's website..
TG Soft's AntiMalware Research Center.
Back to Top of Page

Any information published on our site may be used and published on other websites, blogs, forums, facebook and/or in any other form both in paper and electronic form as long as the source is always and in any case cited explicitly “Source: CRAM by TG Soft www.tgsoft.it” with a clickable link to the original information and / or web page from which textual content, ideas and / or images have been extrapolated.
It will be appreciated in case of use of the information of C.R.A.M. by TG Soft www.tgsoft.it in the report of summary articles the following acknowledgment/thanks “Thanks to Anti-Malware Research Center C.R.A.M. by TG Soft of which we point out the direct link to the original information: [direct clickable link]”

Vir.IT eXplorer PRO is certified by the biggest international organisation: