New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data

August 15, 2024 at 03:21AM A new threat actor, known as Actor240524, has launched cyber attacks targeting Azerbaijan and Israel to steal sensitive data, using spear-phishing emails and malware like ABCloader and ABCsync. The attacks aim to avoid detection through anti-sandbox and anti-analysis techniques. NSFOCUS attributes the attacks to disrupt the cooperative relationship between the …

Singapore Extradites Suspected Cybercrime Scammers from Malaysia

June 18, 2024 at 09:00PM Singapore police made significant arrests of two men accused of running servers for cybercrimes against Singaporeans. About 2,000 victims downloaded malicious Android apps, leading to the theft of valuable data. After deep analysis, authorities in Singapore, Hong Kong, and Malaysia dismantled the entire criminal organization, leading to further arrests and …

Researchers sinkhole PlugX malware server with 2.5 million unique IPs

April 25, 2024 at 03:22PM Researchers sinkholed a PlugX malware server, logging over 2.5 million unique IP connections from 170 countries in six months. Sekoia obtained control of the server and observed self-spreading capabilities, indicating global infections. They aim to disinfect impacted computers with self-delete commands, but highlight the challenge of re-infection via USB devices. …

Vietnamese Cybercrime Group CoralRaider Nets Financial Data

April 9, 2024 at 12:02AM A new cybercrime group, CoralRaider, linked to Vietnam, targets individuals and organizations in Asia to steal social media account information and user data. The group relies on social engineering and legitimate services for data exfiltration but has made mistakes. CoralRaider prioritizes financial gain and does not appear to be working …

Stealthier version of P2Pinfect malware targets MIPS devices

December 4, 2023 at 05:05PM New variants of the P2Pinfect botnet target 32-bit MIPS processor devices, exploiting weak credentials and using sophisticated evasion techniques. Initial focus was on Redis servers, but the scope has expanded to include routers and IoT devices globally. Objectives of the malware operators remain unclear. Meeting Takeaways: Focus on P2Pinfect Botnet …