Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

September 24, 2024 at 12:42PM Altered versions of popular Android apps linked to Spotify, WhatsApp, and Minecraft have been distributing a new iteration of Necro, a known malware loader, with some of these apps even present on the Google Play Store. This sophisticated malware is designed to carry out various malicious activities on infected devices, …

Necro malware continues to haunt side-loaders of dodgy Android mods

September 23, 2024 at 05:38PM The Necro trojan is targeting Android users, potentially affecting millions. Kaspersky discovered the Necro campaign in 2019, exposing numerous devices to malware. Popular apps like Wuta Camera and Max Browser were affected, prompting Google to take action. Malicious modifications for apps like WhatsApp and children’s games are also concerning. Kaspersky …

New Case Study: The Malicious Comment

May 7, 2024 at 07:45AM A ‘Thank you’ comment on a retailer’s page concealed a malicious vulnerability, allowing hackers to steal shoppers’ personal information. The continuously updated web threat management solution from Reflectiz detected and mitigated the threat. Regulatory compliance such as GDPR is crucial to avoid hefty fines and reputational damage. Protect your website …

TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks

April 16, 2024 at 10:36AM Russian cybersecurity company, Positive Technologies, revealed that the threat actor TA558 is using steganography to distribute various malware like Agent Tesla, FormBook, and LokiBot. Termed SteganoAmor, the attacks mainly target Latin American sectors but have also impacted companies in Russia, Romania, and Turkey. The group is also deploying Venom RAT …

New SteganoAmor attacks use steganography to target 320 orgs globally

April 15, 2024 at 04:36PM TA558 hacking group’s “SteganoAmor” campaign uses steganography to conceal and deliver various malware tools, targeting hospitality and tourism organizations worldwide. The campaign involves sending malicious emails with document attachments exploiting a Microsoft Office vulnerability. This leads to the download of various malware families, including spyware, info-stealers, RATs, and downloaders. Over …

New IDAT loader version uses steganography to push Remcos RAT

February 26, 2024 at 05:57PM The hacking group UAC-0184 utilized steganographic images to deploy the Remcos remote access trojan onto a Ukrainian entity in Finland. The group expanded to target organizations outside Ukraine. The attack involves phishing emails, a modular loader, and executing malware disguised in a PNG image. Details are available in the CERT-UA …

New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

February 26, 2024 at 10:45AM Ukrainian entities based in Finland are targeted in a malicious campaign distributing the Remcos RAT using the IDAT Loader. The attack utilizes steganography and has been attributed to the threat actor UAC-0184. Other loaders like Hijack Loader have been used to distribute additional payloads. CERT-UA disclosed a phishing campaign involving …

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

November 17, 2023 at 06:00AM An unidentified threat actor has been uploading malware-laden fake Python libraries to the PyPI repository for the past six months. Disguised as legitimate packages, these 27 libraries have attracted thousands of downloads from various countries. The attacker used steganography to hide malicious payloads within innocent-looking image files. The packages included …