September 5, 2024 at 06:24AM Hackers deceive other hackers by distributing a fake tool for OnlyFans, infecting them with Lumma stealer malware. This exemplifies the blurred lines in cybercrime. Lumma is an info-stealing malware, with the capability to spread additional payloads and regain expired Google tokens. Veriti’s findings also uncover a broader operation targeting Disney+ … Read more
August 29, 2024 at 12:24PM Cybersecurity researchers discovered in-the-wild exploit campaigns using patched flaws in Apple Safari and Google Chrome to infect mobile users with malware, attributed to a Russian state-backed threat actor. The campaigns were observed between November 2023 and July 2024, featuring watering hole attacks on Mongolian government websites. N-day exploits were effectively … Read more
July 31, 2024 at 01:48PM Google’s ad platform has been manipulated by threat actors to display fake Google Authenticator ads, distributing the DeerStealer malware. Malicious ads impersonate trusted sites, presenting a challenge for detection. Despite efforts to block malicious advertisers, threat actors continue to evade detection through URL cloaking. Clicking on the ads leads to … Read more
July 29, 2024 at 03:42AM Stargazer Goblin operates a network of inauthentic GitHub accounts, distributing malware and earning $100,000 in illicit profits. The “Ghost” accounts engage in various activities to appear legitimate, making them resistant to takedowns. The scheme propagates malware families such as Atlantida Stealer and involves social engineering attacks, targeting GitHub repositories and … Read more
July 25, 2024 at 07:09AM A threat actor known as Stargazer Goblin has built a network of over 3,000 GitHub accounts to distribute malware and perform malicious activities. Operating since August 2022, the network has earned over $100,000. The accounts, collectively named Stargazers Ghost Network, distribute information-stealing malware and use various tactics to evade detection … Read more
April 20, 2024 at 05:07PM Threat actors are exploiting a GitHub flaw to distribute malware through URLs connected to a Microsoft repository, giving the files an appearance of legitimacy. This vulnerability can be abused with any public repository on GitHub, allowing for convincing lures. Despite attempts by McAfee and others to address this issue, the … Read more
November 6, 2023 at 01:00PM An updated version of the information stealer malware Jupyter has resurfaced with new tactics to establish a persistent presence on compromised systems. The malware leverages PowerShell command modifications and signatures of private keys to appear as a legitimately signed file. It utilizes manipulated search engine optimization and malvertising to trick … Read more
October 17, 2023 at 11:54AM The Android ‘SpyNote’ malware was recently observed in attacks in Italy. The malware disguised itself as a fake ‘IT-alert’ public alert service, infecting visitors with information-stealing capabilities. The malware is distributed through a website that mimics the real IT-alert site, urging users to install the app for updates on an … Read more
October 16, 2023 at 04:37AM Discord’s content delivery network (CDN) is being exploited by threat actors to distribute the Lumma Stealer malware, which steals user credentials. The malware is spread through direct messages, offering victims Discord Nitro boost in exchange for assistance and prompting them to download a file. Lumma Stealer can steal cryptocurrency wallets … Read more