WithSecure™ Labs: With great research comes great responsibility

The malware campaign targets cryptocurrency users, a user base estimated to be in the hundreds of millions which has emerged as a viable and effective lure to infect users and organizations across all sectors alike.

The campaign targets victims globally, with infections observed across each continent. Although the campaign targets cryptocurrency users, WithSecure has observed non-cryptocurrency-related organizations in Europe being infected by the malware due to cross-contamination introduced by personal browsing of victims on their corporate machines.

Don’t drop password managers (but password managers shouldn’t drop malware).

WithSecure detected an attack that first began with the exploitation of CVE-2025-31324 in March 2025, suggesting that this vulnerability has been known to criminals and exploited for some time. 

At WithSecure, we have the benefit of a comprehensive set of capabilities, allowing us to conduct research on how to better integrate our various services. One such topic has been the use of behavioral information provided by Endpoint Detection and Response (EDR) to detect potential privilege escalation vulnerabilities. 

Tim West, WithSecure’s Director, Threat Intelligence & Outreach, takes a deep dive in to the cyber threat landscape of the European mid-market, in order to discover what we should expect over the course of this year and where the key battlegrounds will be fought in 2025.