AI-Generated Malware Found in the Wild

September 24, 2024 at 01:07PM HP identified a new email campaign distributing AI-generated malware. The malware involves an encrypted HTML attachment and employs uncommon techniques, indicating potential use of generative AI. Researchers found the malware payload to be basic, raising concerns that novice attackers are leveraging AI. This development signals the increasing threat of AI-generated …

Global infostealer malware operation targets crypto users, gamers

September 21, 2024 at 12:51PM A cybercriminal group named “Marko Polo” has executed a large-scale infostealer malware campaign, impacting thousands and potentially causing millions in financial losses. Using various distribution channels and targeting high-value individuals, the group distributes malicious software under legitimate guises, compromising both Windows and macOS systems. Mitigating these threats involves cautious online …

Infostealers Waltz Through macOS to Grab Crypto Wallets, Browser Creds

August 22, 2024 at 03:12PM Cthulhu Stealer is a new Apple macOS malware designed to steal cryptocurrency and gaming credentials as well as browser data. It mimics the successful Atomic Stealer and is becoming prevalent. As macOS threats are increasing, organizations with macOS devices should enhance their security measures due to the lack of expertise …

‘Styx Stealer’ Blows Its Own Cover With Sloppy OpSec Mistake

August 21, 2024 at 04:39PM Security researchers from Check Point Research discovered valuable information about the creator of Styx Stealer, a new malware tool, due to the threat actor’s operational security lapse. They were able to identify the malware author as an individual from Turkey with connections to the operator of an Agent Tesla campaign, …

New CMoon USB worm targets Russians in data theft attacks

August 7, 2024 at 05:30PM The ‘CMoon’ self-spreading worm, discovered by Kaspersky researchers, targets high-value entities in Russia via a compromised gas supply company website. It employs malicious document links to distribute itself and exhibits various functionalities such as info-stealing, DDoS attacks, and self-propagation. Kaspersky advises vigilance due to its potential for further distribution. Based …

Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor

August 1, 2024 at 03:03PM Attackers are using hijacked Facebook pages to lure victims into downloading a seemingly legitimate AI photo editor, but ultimately serving up a widely distributed infostealer, the Lumma stealer, to steal user credentials and sensitive information. The malvertising campaign exploits AI’s popularity and various tactics to deliver malware, with phishing being …

Criminal Hackers Add GenAI Credentials to Underground Markets

July 30, 2024 at 04:56PM New research shows that cybercriminals are now selling Generative AI (GenAI) account credentials alongside other illegal goods on underground hacker markets. The credentials are for platforms like ChatGPT, Quillbot, and Huggingface, with roughly 400 accounts stolen per day and sold for $15 each. The researchers advise organizations to monitor employee …

Revolver Rabbit gang registers 500,000 domains for malware campaigns

July 18, 2024 at 05:34PM Cybercriminal group Revolver Rabbit has registered over 500,000 domain names using a secret method called RDGAs to execute infostealer campaigns targeting Windows and macOS systems. Security researchers at Infoblox discovered this large-scale operation, estimating over $1 million in registration fees. The domains use a consistent pattern for easy readability and …

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer

July 16, 2024 at 05:15AM The Void Banshee APT group was discovered exploiting a zero-day vulnerability in the Microsoft MHTML browser engine to distribute the Atlantida information stealer. It was used in a multi-stage attack chain via specially crafted internet shortcut files. The group targets organizations globally and has a history of information theft and …

10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit

July 15, 2024 at 07:09AM Cybersecurity threat actors are exploiting the cyber ecosystem, offering services ranging from developing and selling infostealer malware to spreading and monetizing stolen data. Specialization and market evolution have lowered the barrier of entry, providing opportunities for anyone to profit from cybercrime. The pervasive problem calls for vigilance and proactive measures …