New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

April 21, 2024 at 05:15AM

A new information stealer using Lua bytecode was found by McAfee Labs, identified as a variant of RedLine Stealer. It targets cryptocurrency wallets, VPN software, and web browsers, spreading through GitHub by masquerading as game cheats. The malware functions as a backdoor, exfiltrating data to its command-and-control server. It’s part …

New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

February 26, 2024 at 10:45AM

Ukrainian entities based in Finland are targeted in a malicious campaign distributing the Remcos RAT using the IDAT Loader. The attack utilizes steganography and has been attributed to the threat actor UAC-0184. Other loaders like Hijack Loader have been used to distribute additional payloads. CERT-UA disclosed a phishing campaign involving …

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

November 9, 2023 at 09:09AM

A malvertising campaign is targeting users searching for CPU-Z by serving malicious ads that redirect them to a fake Windows news portal. The campaign also cloaks itself by showing innocuous content to those not targeted. The rogue website contains a malicious script that deploys RedLine Stealer. Similar deceptive Google Ads …