
Category: Malware


Cyber-crime, Malware

Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware

November 22, 2022

Via: The Hacker News

A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts. “These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or […]


Cyber-crime, Malware

Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware

November 18, 2022

Via: Security Week

DEV-0569 has been relying on malicious ads (malvertising), blog comments, fake forum pages, and phishing links for the distribution of malware. Over the past few months, however, Microsoft noticed that the threat actor has started using contact forms to deliver […]


Cyber-crime, Malware

CERT-UA warns of multiple Somnia ransomware attacks against organizations in Ukraine

November 14, 2022

Via: Security Affairs

The Government Computer Emergency Response Team of Ukraine (CERT-UA) is investigating multiple attacks against organizations in Ukraine that involved a new piece of ransomware called Somnia. Government experts attribute the attacks to the group ‘From Russia with Love’ (FRwL) (aka […]


Cyber-crime, Malware

Over 250 US News Websites Deliver Malware via Supply Chain Attack

November 3, 2022

Via: Security Week

Cybersecurity company Proofpoint reported on Wednesday that a threat actor it tracks as TA569 appears to be behind the attack. The hackers have targeted an unnamed media company that serves many news outlets in the US. The service provider delivers […]


Cyber-crime, Malware

Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

October 28, 2022

Via: The Hacker News

A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan. This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said […]


Cyber-crime, Malware

Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector

October 26, 2022

Via: The Hacker News

A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors. The Microsoft Security Threat Intelligence team, which is tracking the threat cluster under the […]


Cyber-crime, Malware

Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards

October 25, 2022

Via: The Hacker News

Two point-of-sale (PoS) malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals. According to Singapore-headquartered cybersecurity company Group-IB, the stolen data dumps could net the […]


Cyber-crime, Malware

Why Ransomware in Education on the Rise and What That Means for 2023

October 24, 2022

Via: The Hacker News

The breach of LA Unified School District (LAUSD) highlights the prevalence of password vulnerabilities, as criminal hackers continue to use breached credentials in increasingly frequent ransomware attacks on education. The Labor Day weekend breach of LAUSD brought significant districtwide disruptions […]


Cyber-crime, Malware

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

October 24, 2022

Via: The Hacker News

SideWinder, a prolific nation-state actor mainly known for targeting Pakistan military entities, compromised the official website of the National Electric Power Regulatory Authority (NEPRA) to deliver a tailored malware called WarHawk. “The newly discovered WarHawk backdoor contains various malicious modules […]


Cyber-crime, Malware

Hackers Using New Version of FurBall Android Malware to Spy on Iranian Citizens

October 20, 2022

Via: The Hacker News

The Iranian threat actor known as Domestic Kitten has been attributed to a new mobile campaign that masquerades as a translation app to distribute an updated variant of an Android malware known as FurBall. “Since June 2021, it has been […]


Cyber-crime, Malware

Chinese Hackers Targeting Online Casinos with GamePlayerFramework Malware

October 19, 2022

Via: The Hacker News

An advanced persistent threat (APT) group of Chinese origin codenamed DiceyF has been linked to a string of attacks aimed at online casinos in Southeast Asia for years. Russian cybersecurity company Kaspersky said the activity aligns with another set of […]


Cyber-crime, Malware

Chinese ‘Spyder Loader’ Malware Spotted Targeting Organizations in Hong Kong

October 18, 2022

Via: The Hacker News

The China-aligned espionage-focused actor dubbed Winnti has set its sights on government organizations in Hong Kong as part of an ongoing campaign dubbed Operation CuckooBees. Active since at least 2007, Winnti (aka APT41, Barium, Bronze Atlas, and Wicked Panda) is […]


Cyber-crime, Malware

New Prestige Ransomware Targeting Polish and Ukrainian Organizations

October 17, 2022

Via: The Hacker News

A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown payload dubbed Prestige. “The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and […]


Cyber-crime, Malware

Criminal multitool LilithBot arrives on malware-as-a-service scene

October 10, 2022

Via: The Register

A Russia-based threat group that set up a malware distribution shop earlier this year is behind a Swiss Army knife-like botnet that comes with a range of other malicious capabilities, from stealing information to mining cryptocurrency. That’s according to […]


Cyber-crime, Malware

A look at the 2020–2022 ATM/PoS malware landscape

October 6, 2022

Via: Securelist

During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale (PoS) and ATM malware activity, as certain regions saw malicious transactions drop significantly. Now, as we predicted in last year’s […]


Cyber-crime, Malware

Hackers Using PowerPoint Mouseover Trick to Infect System with Malware

September 28, 2022

Via: The Hacker News

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique “is designed to be triggered when the […]


Cyber-crime, Malware

BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal

September 26, 2022

Via: The Hacker News

The BlackCat ransomware crew has been spotted fine-tuning their malware arsenal to fly under the radar and expand their reach. “Among some of the more notable developments has been the use of a new version of the Exmatter data exfiltration […]


Cyber-crime, Malware, Mobile, Mobile security

Fake Indian Banking Rewards Apps Targeting Android Users with Info-stealing Malware

September 23, 2022

Via: The Hacker News

An SMS-based phishing campaign is targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application. The Microsoft 365 Defender Research Team said that the messages contain links that redirect users to a sketchy website that triggers […]


Cyber-crime, Malware

Emotet Botnet Started Distributing Quantum and BlackCat Ransomware

September 19, 2022

Via: The Hacker News

The Emotet malware is now being leveraged by ransomware-as-a-service (RaaS) groups, including Quantum and BlackCat, after Conti’s official retirement from the threat landscape this year. Emotet started off as a banking trojan in 2014, but updates added to it over […]


Cyber-crime, Malware

North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application

September 16, 2022

Via: The Hacker News

A threat with a North Korea nexus has been found leveraging a “novel spear phish methodology” that involves making use of trojanized versions of the PuTTY SSH and Telnet client. Google-owned threat intelligence firm Mandiant attributed the new campaign to […]