SharpRhino malware targets IT admins – Hunters International gang suspected

August 7, 2024 at 01:37AM
Hunters International, a ransomware-as-a-service gang suspected of rebranding from the Hive crew, has been targeting network admins with malware disguised as Angry IP Scanner. The group’s use of double extortion attacks and rise to the top ten most detected ransomware mobs has positioned them as a significant threat, having been …

Fake CrowdStrike repair manual pushes new infostealer malware

July 23, 2024 at 10:36AM
CrowdStrike warns of a new Daolpu malware, falsely distributed as a Windows recovery tool after the recent Falcon update struggles. This stealer targets account credentials and browser data from Chrome, Edge, Firefox, and Cốc Cốc. Attackers use malicious document macros to trigger the malware. CrowdStrike advises vigilance against phishing and …

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

July 11, 2024 at 06:39AM
A new email phishing campaign targeting Spanish-speaking victims has been delivering a remote access trojan called Poco RAT since February 2024. The attacks primarily aim at the mining, manufacturing, hospitality, and utilities sectors. The malware uses various tactics, such as finance-themed lures and abuse of legitimate services, to evade detection. Additionally, the article …

Software Productivity Tools Hijacked to Deliver Infostealers

July 4, 2024 at 09:10AM
Conceptworld Corporation, an India-based software company, was found to be distributing information-stealing malware with its software products. Researchers from Rapid7 discovered that the installation packages of their tools, Notezilla, RecentX, and Copywhiz, had been Trojanized. Despite replacing the malicious installers, users were unknowingly exposed to the dllFake malware, capable of …

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

June 20, 2024 at 04:21AM
A new Rust-based malware, Fickle Stealer, is observed being delivered through various attack chains to harvest sensitive data. It uses different distribution methods, including PowerShell scripts, to bypass security measures and exfiltrate data to a remote server. Fickle Stealer targets information from crypto wallets, web browsers, and applications while also …

39,000 Websites Infected in ‘Sign1’ Malware Campaign

March 22, 2024 at 09:54AM
Security firm Sucuri warns that over 39,000 websites have been infected with new malware called Sign1, which redirects visitors to scam domains and displays unwanted ads. The JavaScript-based malware is injected into compromised websites, hidden with obfuscation, and conditionally executed based on specific visitor and website conditions. The firm has …

New AcidPour data wiper targets Linux x86 network devices

March 19, 2024 at 10:36AM
A new destructive malware named AcidPour was identified, targeting Linux x86 IoT and networking devices. It shares characteristics with AcidRain, a data-wiping malware, potentially pointing to an evolution or different origin. The malware’s expanded reach raises concerns, and public collaboration in analyzing and verifying its impact is encouraged by security …

New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud

February 15, 2024 at 04:34AM
‘Gold Pickaxe’ is a new iOS and Android trojan employing social engineering to trick victims into providing their faces and ID documents. Developed by the ‘GoldFactory’ Chinese threat group, it’s part of a suite of malware and targets Asia-Pacific. It uses fraudulent apps and webpages to capture sensitive information and …

MacOS Malware Targets Bitcoin, Exodus Cryptowallets

January 23, 2024 at 04:11PM
Fresh malware targeting Apple users in the US and Germany is infecting Bitcoin and Exodus cryptowallet applications through pirated software. Kaspersky researchers state that the malware can replace these applications with infected versions to steal recovery phrases and passwords, allowing attackers to control victims’ digital wallets. They advise against downloading …

CISA: AWS, Microsoft 365 Accounts Under Active ‘Androxgh0st’ Attack

January 17, 2024 at 01:21PM
The FBI and CISA have issued an alert about a malware campaign targeting Apache web servers and websites using the Laravel web application framework. The campaign aims to steal credentials for high-profile applications such as AWS, Microsoft 365, Twilio, and SendGrid. The threat actors use a known malware called “Androxgh0st” to …