article thumbnail

PlugX malware deleted from thousands of systems by FBI

Malwarebytes

The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminals groups under control of the Peoples Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims’ computers.

Malware 113
article thumbnail

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Security Affairs

Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. “If you have ever run this script on Windows 7 or Windows Server 2008 R2 , you probably noticed a weird recurring result and perhaps thought that it was a false positive just as I did.

Hacking 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. ru in 2008.

Malware 299
article thumbnail

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

The consensus seems to be that the ZIP file currently harbors a malware threat known as Ramnit , a fairly common but dangerous trojan horse that spreads by appending itself to other files. He said Saicoo did not address his concern that the driver package on its website was bundled with malware. Image: Virustotal.com.

Malware 353
article thumbnail

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

” The US-linked hackers targeted the Chinese organizations between September 2008 and June 2019. The Chinese security firm also adds that the APT-C-39 hacking group employed several Vault 7 tools in its operations, including the Fluxwire backdoor, and the Grasshopper malware builder. Pierluigi Paganini.

Hacking 145
article thumbnail

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. The PLAYFULGHOST backdoor shares functionality with Gh0stRAT whose source code was publicly released in 2008. ” reads the report published by Google.

Malware 129
article thumbnail

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Krebs on Security

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003 , citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

Malware 264