Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

November 28, 2024 at 05:06AM

A malware campaign exploiting the Godot Engine has infected over 17,000 systems since June 2024, using crafted GDScript code. The attack employs 200+ bogus GitHub accounts to distribute GodLoader, targeting Windows and adaptable to other operating systems. This underscores the need for users to download from trusted sources.

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

October 18, 2024 at 07:00AM

Threat actors are using fake Google Meet pages in the ClickFix malware campaign to deliver infostealers for Windows and macOS. Users are tricked into executing malicious PowerShell commands through deceptive error messages. The campaign is linked to two groups, raising concerns about unknown cybercrime services facilitating these operations.

Crypto-stealing malware campaign infects 28,000 people

October 9, 2024 at 05:25PM

A malware campaign has affected over 28,000 individuals across Russia and neighboring countries, disguising itself as legitimate software. It uses infected downloads to intercept cryptocurrency transactions and mine digital currencies. The report urges caution when downloading software from unofficial sources and highlights significant financial losses associated with the attack.

AI ‘Nude Photo Generator’ Delivers Infostealers Instead of Images

October 3, 2024 at 02:53PM

The FIN7 threat group is using artificial intelligence and social engineering in a provocative campaign, advertising a “DeepNude Generator” to trick users into downloading infostealing malware. It also targets corporate users with malvertising. FIN7’s sophisticated tactics demonstrate a persistent and evolving threat, requiring organizations to develop indicators of attack and …

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

October 3, 2024 at 10:45AM

Linux servers are under attack by a persistent campaign delivering perfctl malware, aiming to run a cryptocurrency miner and proxyjacking software. The elusive and stealthy malware employs sophisticated techniques including exploiting a security flaw in Polkit. It’s recommended to keep systems updated, restrict file execution, and enforce network segmentation to …

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

September 9, 2024 at 05:09AM

A recent mobile malware campaign known as SpyAgent is targeting Android device users in South Korea and the U.K. Through deceptive apps, it aims to steal mnemonic keys and gain access to cryptocurrency wallets, potentially leading to fund theft. The campaign demonstrates sophisticated evasion techniques and marks a concerning trend …

North Korean Hackers Target Job Seekers with Fake FreeConference App

September 4, 2024 at 12:21PM

North Korean threat actors have created a malicious campaign called Contagious Interview, using fake job interviews to distribute malware. They have now been using fake video conferencing applications to backdoor developer systems. This activity is attributed to the North Korean threat actor Famous Chollima. The campaign is targeting job seekers …

Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack

September 4, 2024 at 01:42AM

A new malware campaign is using a spoofed version of Palo Alto Networks’ GlobalProtect VPN software to distribute the WikiLoader malware through an SEO campaign. The malware campaign is a shift from previous tactics and involves malicious activities such as delivering malware via fake GlobalProtect download pages and anti-analysis checks …

‘Voldemort’ Malware Curses Orgs Using Global Tax Authorities

August 30, 2024 at 01:13PM

The “Voldemort” malware campaign impersonates tax authorities in Europe, Asia, and the US, targeting organizations worldwide. It has affected dozens of organizations, with 20,000+ phishing messages reported. The malware, using Google Sheets for command and control, is designed for data exfiltration and deploying malicious payloads. Experts advise organizations to enhance …

Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign

August 30, 2024 at 09:45AM

Researchers have discovered a sophisticated malware campaign using Google Sheets for command-and-control activities. The campaign targets various organizations worldwide, impersonating tax authorities to distribute a bespoke information-gathering tool called Voldemort. The malware utilizes advanced techniques while also exhibiting characteristics of cybercrime activity. Proofpoint experts believe the campaign is likely espionage-driven …