Faux ChatGPT, Claude API Packages Deliver JarkaStealer

November 22, 2024 at 05:08PM Two malicious Python packages falsely marketed as tools for ChatGPT and Claude contained an infostealer named “JarkaStealer.” Designed to lure developers, they masqueraded as legitimate APIs but ultimately compromised users’ data. Over 1,700 downloads occurred before the packages were removed following discovery by Kaspersky researchers. Here are the key takeaways …

New Glove infostealer malware bypasses Chrome’s cookie encryption

November 14, 2024 at 04:05PM The new Glove Stealer malware can bypass Google Chrome’s App-Bound encryption to steal cookies and sensitive information from various browsers and applications. It employs social engineering tactics similar to ClickFix infections and requires local admin privileges to operate. Analysts note its basic methods indicate it remains in early development. …

‘SteelFox’ Miner and Information Stealer Bundle Emerges

November 7, 2024 at 07:59AM The SteelFox crimeware bundle masquerades as legitimate software like Foxit PDF Editor and AutoCAD to steal user information. This emerging threat poses significant risks to users seeking these applications. The information was reported by SecurityWeek. **Meeting Takeaways:** 1. **Threat Overview**: The SteelFox crimeware bundle impersonates legitimate software, specifically Foxit PDF …

Fake Copyright Infringement Emails Spread Rhadamanthys

November 6, 2024 at 05:56PM Check Point Research has tracked a spear-phishing campaign, “CopyR(ight)hadamantys,” targeting hundreds of companies globally with emails claiming copyright infringement. The emails deliver the sophisticated infostealer Rhadamanthys, capable of stealing sensitive data. Attackers use automation to send these messages, often impersonating known brands in the technology and entertainment industries. Key Takeaways …

Cybercrooks are targeting Bengal cat lovers in Australia for some reason

November 6, 2024 at 04:51PM Sophos reports that the Gootloader malware, known for SEO poisoning tactics, targets niche victims, including Australian Bengal cat enthusiasts. As an infostealer or malware dropper, it exploits search queries to deliver malicious payloads. The use of malvertising is rising, connecting cybercrime to ransomware operations, prompting action from cybersecurity agencies. …

Suspect behind Snowflake data-theft attacks arrested in Canada

November 5, 2024 at 10:22AM Canadian authorities arrested Alexander “Connor” Moucka for allegedly stealing data from hundreds of millions by targeting over 165 organizations using compromised customer credentials via malware. This attack, affecting major companies, highlights vulnerabilities in multi-factor authentication at Snowflake, which has since implemented stricter security measures. Moucka awaits an extradition hearing. **Meeting Takeaways:** …

Russian charged by U.S. for creating RedLine infostealer malware

October 29, 2024 at 09:07AM The U.S. charged Russian national Maxim Rudometov, a key figure in the RedLine malware operation, which stole credentials and financial data. Part of an international crackdown, authorities disrupted the malware platform and arrested two in Belgium. Rudometov faces multiple charges with potential maximum sentences totaling 35 years in prison. …

New tool bypasses Google Chrome’s new cookie encryption system

October 28, 2024 at 05:08PM A cybersecurity researcher, Alexander Hagenah, has released a tool that bypasses Google’s App-Bound encryption, enabling the extraction of saved credentials from Chrome. While it reflects a method similar to existing infostealer malware, its public availability increases risks for users storing sensitive data in the browser. Google is aware of the …

Swarms of Fake WordPress Plug-ins Infect Sites With Infostealers

October 22, 2024 at 01:01PM Threat actors have intensified their campaign using fake browser updates to spread malware, targeting over 6,000 WordPress sites via compromised plugins. GoDaddy reports that the ClickFix variant employs social engineering tactics to deceive users, leading to malware installation. Automated processes facilitate the creation of these malicious plugins, making detection harder. …

Infostealer malware bypasses Chrome’s new cookie-theft defenses

September 24, 2024 at 01:35PM Infostealer malware developers claimed to bypass Google Chrome’s App-Bound Encryption feature, which aims to protect sensitive data like cookies. While the model prevents infostealer malware from stealing secrets stored in Chrome, security researchers observed multiple developers boasting about implementing a working bypass. Latest tests confirmed some malware variants can bypass the …