This is why we update… Data-thief malware exploits unpatched Windows PCs

January 12, 2024 at 07:00PM Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to spread Phemedrone Stealer malware, which targets sensitive data on PCs. The flaw, CVE-2023-36025, was patched by Microsoft in November, but a proof-of-concept exploit has been created. The malware targets various browsers, applications, and cryptocurrency wallets, and uses obfuscation techniques to evade detection. Update …

Google: Malware abusing API is standard token theft, not an API issue

January 6, 2024 at 11:46AM Malware is exploiting an undocumented Google Chrome API to generate new authentication cookies from stolen ones. Multiple malware operations are using this technique to gain access to users’ Google accounts through the API, and Google has downplayed the severity of the issue. The company urges affected users to take precautionary …

New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices

December 27, 2023 at 04:18AM A new Android backdoor, Xamalicious, has been uncovered by the McAfee Mobile Research Team. It leverages accessibility permissions to execute malicious actions, including retrieving a second-stage payload and taking control of devices for fraudulent activities. The threat has been associated with 25 apps and is particularly prevalent in several countries, including …

New Web injections campaign steals banking data from 50,000 people

December 19, 2023 at 03:40PM A new malware campaign, detected by IBM in March 2023, has targeted over 50,000 users across 40 banks globally, attempting to steal banking data. Using JavaScript web injections, the attackers intercepted user credentials and OTPs, gaining access to accounts, changing settings, and performing unauthorized transactions. The evasive campaign employs stealthy …

Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

December 15, 2023 at 08:18AM Ledger, a crypto hardware wallet maker, faced a security breach after a former employee fell victim to a phishing attack, leading to the theft of $600,000 in virtual assets. Malicious code from the compromised npm account was used to propagate crypto drainer malware to other applications. Ledger has since removed the malicious …

BazarCall attacks abuse Google Forms to legitimize phishing emails

December 13, 2023 at 03:41PM A recent surge in BazarCall attacks includes the exploitation of Google Forms to fabricate and dispatch fraudulent payment receipts, making them appear more authentic. First seen in 2021, BazarCall employs phishing tactics via sham payment notifications from reputable companies. The updated method entails sending false payment confirmations using Google Forms, …

Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks

November 23, 2023 at 05:54AM An active malware campaign is using two zero-day vulnerabilities to create a Mirai-based DDoS botnet by targeting routers and network video recorders. Akamai has discovered the attacks and identified the malware variants involved. The flaws are being kept under wraps to allow vendors to patch them. The attacks utilize offensive …

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

November 8, 2023 at 08:27AM A set of malicious Python packages, disguised as obfuscation tools, has been discovered on the Python Package Index (PyPI) repository. The packages contain a malware called BlazeStealer, which allows attackers to gain control over compromised systems. The campaign began in January 2023 and includes eight packages. The malware can steal …