Batavia Spyware Hits Russian Firms in Contract Scam

A new cyber-espionage campaign targeting Russian companies has been linked to a previously unknown Windows-based malware strain named Batavia. According to cybersecurity firm Kaspersky, the operation has remained active since July 2024. The Batavia Spyware Hits Russian firms through emails disguised as contract-related communications, embedding malicious links that initiate the infection process.

Researchers said attackers use these links to deploy spyware designed to extract sensitive documents from compromised systems. Once inside the network, the malware operates stealthily, exfiltrating data without triggering immediate detection. Analysts noted that the campaign shows signs of being highly targeted and methodically executed.

Kaspersky described the spyware’s primary objective as data theft, adding that the full extent of the breach remains under investigation. Batavia Spyware Hits Russian organizations at a time when concerns over cyberattacks on domestic firms continue to mount, highlighting the need for stronger email filtering and endpoint security controls.

Read the full report here:
https://thehackernews.com/2025/07/researchers-uncover-batavia-windows.html