A new spyware named Batavia has been spreading through fake contract-themed emails targeting Russian organizations since March 2025.
The spyware includes a VBA script and two executables, detected by Kaspersky as Trojan.Batavia variants, designed to steal internal documents.
The attack proceeds in multiple stages, in which the malware collects system information, spies on the system by capturing screenshots, and exfiltrates data to a command-and-control server.
The victims of the Batavia spyware campaign are Russian industrial enterprises, with over 100 users across multiple organizations falling prey to the phishing messages.