#CompromisedWebsites

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

by

June 17, 2024 at 03:00AM Legitimate-but-compromised websites are being used to distribute a Windows backdoor called BadSpace via fake browser updates. The attack involves infected websites, a command-and-control server, fake browser updates, and a JScript downloader. This backdoor, capable of anti-sandbox checks and system information harvesting, is being distributed through compromised sites. Key Takeaways from … Read more

Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud

by

February 9, 2024 at 10:39PM Over 70,000 legitimate websites have been compromised to form VexTrio, a network utilized by cybercriminals for distributing malware and conducting phishing activities. The operation has been growing in sophistication since its establishment in 2017. Check Point and Infoblox have both flagged VexTrio as a significant security threat, emphasizing its impact … Read more

Millions at Risk As ‘Parrot’ Web Server Compromises Take Flight

by

January 23, 2024 at 02:16PM Threat actors operating Parrot TDS have intensified their efforts to avoid detection and potentially target millions of people through compromised websites. Researchers from Unit 42 have been tracking this traffic redirect system, which injects malicious scripts into existing JavaScript code. The researchers have also provided mitigation strategies and indicators of … Read more

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware

by

October 30, 2023 at 12:42AM A cyber attack campaign has been using MSIX Windows app package files to distribute a new malware loader named GHOSTPULSE. The attack targets popular software like Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex. Potential victims are enticed to download the packages through compromised websites, SEO poisoning, or malvertising. … Read more