2013, Malware and Spyware - Cyber Security Informer

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. The spyware is likely used as part of a sextortion campaign.

Spyware

Spyware Mobile Surveillance Malware

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius.

Spyware

Spyware Surveillance Malware Mobile

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

Threatpost

JULY 1, 2020

Never-before-seen Android spyware tools have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group - since 2013.

Spyware

Spyware Surveillance Malware Hacking

Hackers exploit old Microsoft Vulnerability to drop Zloader Malware

CyberSecurity Insiders

JANUARY 5, 2022

Hackers are found inducing Zloader Malware into Windows machines since November last year and reports are in that the malicious software tool has already targeted over 2,848 victims from 111 countries so far. Highly placed sources say that the malware has been distributed via phishing campaign by a cyber threat group named MalSmoke.

Malware

Malware Spyware Antivirus Cyber threats

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

Threatpost

JULY 22, 2020

An Android spyware attack was recently discovered that targeted the Uyghur ethnic minority group - since 2013.

Spyware

Spyware Mobile Malware

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension. The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The attack starts with spear-phishing emails containing weaponized attachments, the malware is distributed via Russian hosting providers.

Spyware

Spyware Malware Advertising Cyber Attacks

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware

Malware Advertising Spyware Government

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. The exploits were used to install commercial spyware and malicious apps on targets’ devices. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits.

Spyware

Spyware Surveillance Mobile Education

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

A week in security (June 27 – July 3)

Malwarebytes

JULY 4, 2022

Last week on Malwarebytes Labs: Ransomware review: June 2022 AstraLocker 2.0

Spyware

Spyware Ransomware Internet Internet

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The malware was an info stealer and according to the researchers, it was part of a long-term campaign, tracked as “PhantomLance” that has been active at least since December 2015. We informed Google of the malware, and it was removed from the market shortly after.” ” reads the analysis published by Kaspersky.

Malware

Malware Advertising Marketing Hacking

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack. Specifically, these are IP addresses of computers where the spyware software communicated from Belgacom. ” wrote The Intercept.

Hacking

Hacking Spyware Malware Advertising

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

Anti-Debugging Techniques from a Complex Visual Basic Packer

Security Affairs

JULY 17, 2019

Hawkeye Keylogger” is an info-stealing malware for sale in the dark-web. Anyone can easily subscribe to the malware service by paying a fee. It has been in continuous development at least since 2013 and the malware authors behind Hawkeye have improved the malware service adding new capabilities and techniques.

Spyware

Spyware Malware Passwords Accountability

Russia-linked InvisiMole APT targets state organizations of Ukraine

Security Affairs

MARCH 21, 2022

Then the backdoor contacts the command-and-control (C2) server to downloads and executes other malicious payloads, including the TunnelMole, malware that abuses the DNS protocol to establish a tunnel for malicious purposes, and RC2FM and RC2CL. The LoadEdge backdoor maintains persistence through the Windows registry.

Spyware

Spyware DNS Phishing Government

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years.

DNS

DNS Advertising Spyware Software

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Security Affairs

SEPTEMBER 26, 2018

According to the telemetry logs collected by the Russian firm, the staffer temporary switched off the antivirus protection on the PC, and infected his personal computer with a spyware from a product key generator while trying to use a pirated copy of Office. Once the antivirus was turned on again, it detected the malware.

Antivirus

Antivirus Hacking Software Government

Security Affairs newsletter Round 177 – News of the week

Security Affairs

AUGUST 26, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Spyware Advertising DNS

IT threat evolution Q3 2023

SecureList

DECEMBER 1, 2023

To exfiltrate data and deliver next-stage malware, the attackers abuse cloud-based data storage, such as Dropbox or Yandex Disk, as well as a temporary file sharing service. However, they included an additional module that constantly monitored the messenger and sent data to the spyware creator’s C2 server.

Malware

Malware Ransomware Encryption Energy and Utilities

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

Millions in the UK Targeted by Malware via a DHL Scam Text Message. That link would attempt to install spyware called Flubot, malware designed to steal online banking data from Andriod devices. . That link would attempt to install spyware called Flubot, malware designed to steal online banking data from Andriod devices. .

Ransomware

Ransomware Passwords Scams Government

The Ups and Downs of 0-days: A Year in Review of 0-days Exploited In-the-Wild in 2022

Google Security

JULY 27, 2023

Anyone who visits that site is then exploited and delivered the final payload (usually spyware). At the end of 2021, Citizen Lab captured a 0-click exploit targeting iMessage, CVE-2023-30860, used by NSO in their Pegasus spyware. In 2021, we generally saw a move to 1-click links as the initial attack vector.

Spyware

Spyware Manufacturing Internet Internet

Australian man charged with creating and selling the Imminent Monitor spyware

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM).

Spyware

Spyware Malware Hacking Cybercrime

APT trends report Q1 2021

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware

Malware Government Spyware Social Engineering

FinSpy: unseen findings

SecureList

SEPTEMBER 28, 2021

Kaspersky has been tracking deployments of this spyware since 2011. The Pre-Validator ensures that the victim machine is not used for malware analysis. The nature of these shellcodes indicates that they are used to fingerprint the system and verify that it is not used for malware analysis. MacOS Infection.

Encryption

Encryption Malware Spyware Architecture

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

After being released in 2003, he uses WiFi to commit attacks, program malware and steal credit card information. 2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems. 2013 — Credit Card Fraud Spree — In the biggest cybercrime case filed in U.S.

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Cyber Security Informer

Sextortion campaign uses Goontact spyware to target Android and iOS users

Experts spotted two Android spyware used by Indian APT Confucius

Trending Sources

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

Hackers exploit old Microsoft Vulnerability to drop Zloader Malware

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

North Korea-Linked APT Group Kimsuky spotted using new malware

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

The Most Common Types of Malware in 2021

A week in security (June 27 – July 3)

PhantomLance, a four-year-long cyberespionage spying campaign

The Belgacom hack was the work of the UK GCHQ intelligence agency

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

Anti-Debugging Techniques from a Complex Visual Basic Packer

Russia-linked InvisiMole APT targets state organizations of Ukraine

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Former NSA TAO hacker sentenced to 66 months in prison over Kaspersky Leak

Security Affairs newsletter Round 177 – News of the week

IT threat evolution Q3 2023

Cyber Security Roundup for May 2021

The Ups and Downs of 0-days: A Year in Review of 0-days Exploited In-the-Wild in 2022

Australian man charged with creating and selling the Imminent Monitor spyware

APT trends report Q1 2021

FinSpy: unseen findings

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Stay Connected