November 6, 2024 at 04:28PM Hackers are increasingly using the Winos4.0 framework to target Windows users, especially in China, through game-related apps. The malware executes a multi-step infection process, collects system data, and can evade security tools. Fortinet and Trend Micro have noted its potent capabilities, indicating a rise in malicious campaigns. ### Meeting Takeaways … Read more
September 12, 2024 at 10:24AM A new malware named Vo1d has infected nearly 1.3 million Android-based TV boxes in 197 countries. It acts as a backdoor, secretly installing third-party software when commanded by attackers. The infection’s source is unknown, but it’s suspected to involve compromised instances or unofficial firmware versions. Budget device manufacturers may be … Read more
April 25, 2024 at 01:51PM The Lazarus Group utilized job lures to distribute the Kaolin RAT, enabling deployment of the FudModule rootkit. This advanced operation, deemed overkill by Avast, involves a multi-stage sequence to ultimately establish communications with the RAT’s C2 server. The malware is capable of various operations including file manipulation and process execution, … Read more
January 25, 2024 at 11:38AM Cybersecurity researchers have uncovered details about the SystemBC malware, noting its availability on underground markets and its capability to control compromised hosts, deliver various payloads, and use SOCKS5 proxies to mask network traffic. There is also insight into an updated version of the DarkGate remote access trojan, showcasing weaknesses in … Read more
November 24, 2023 at 05:36AM Researchers have discovered a Rust version of the cross-platform backdoor SysJoker, indicating its use by a Hamas-affiliated group to target Israel. The malware has undergone significant changes, using Rust language instead of its previous version. The threat actor has also switched from Google Drive to OneDrive for storing command-and-control server … Read more