New Warmcookie Windows backdoor pushed via fake job offers

June 11, 2024 at 11:20AM A new Windows malware called ‘Warmcookie’ is being spread through fake job offer phishing campaigns to infiltrate corporate networks. It is capable of machine fingerprinting, screenshot capturing, and deploying additional payloads. The threat actors create new domains weekly and utilize compromised infrastructure to send phishing emails. Warmcookie gathers victim information, … Read more

Fake Antivirus Websites Deliver Malware to Android and Windows Devices

May 24, 2024 at 09:51AM Threat actors are using fake websites posing as legitimate antivirus solutions like Avast, Bitdefender, and Malwarebytes to distribute malware targeting Android and Windows devices. The malware can steal sensitive information. The firms also observed a new Android banking trojan called Antidot, posing as a Google Play update, to facilitate information … Read more

North Korean Hackers Use New ‘KandyKorn’ macOS Malware in Attacks

November 4, 2023 at 12:30PM The North Korean hacking group, Lazarus, has been using new macOS and Windows malware in recent attacks, according to security researchers. In one attack, Lazarus targeted blockchain engineers at a cryptocurrency exchange platform by impersonating members of the blockchain community and convincing the victim to download an archive containing malicious … Read more

StripedFly malware framework infects 1 million Windows, Linux hosts

October 26, 2023 at 10:56AM StripedFly is a sophisticated cross-platform malware that infected over a million Windows and Linux systems for five years. Kaspersky discovered it in 2022 and found evidence of its activity since 2017. The malware features TOR-based traffic concealing mechanisms, automated updating, worm-like spreading, and an exploit created before it was publicly … Read more

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

October 23, 2023 at 02:09PM The Quasar RAT malware is using DLL side-loading to steal data from compromised Windows hosts. The malware disguises itself as legitimate files, such as ctfmon.exe and calc.exe, to avoid detection. It can gather system information, execute commands, and establish remote access. The attack vector is likely phishing emails. Stay vigilant … Read more