Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” continues the expert. ” states the analysis.

Spyware 111

Spyware Advertising Malware Cryptocurrency 111

Security Affairs

FEBRUARY 22, 2020

The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. wpaper com. vailsmsplus.

Malware 145

Malware Spyware Advertising Mobile 145

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 136

Malware Computers and Electronics Spyware Advertising 136

Security Affairs

JUNE 28, 2019

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware.

Spyware 107

Spyware Malware Advertising Authentication 107

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware 111

Spyware Advertising Mobile Architecture 111

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The malware was tracked as Exodus, after the name of the command and control servers the malicious apps connected to.

Government 111

Government Malware Spyware Surveillance 111

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware 104

Spyware Advertising Encryption Phishing 104

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. ” continues the report.

Spyware 111

Spyware Malware Advertising Banking 111

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Source: CERT-GIB. Source: CERT-GIB.

Phishing 141

Phishing Malware Spyware DDOS 141

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. The malware can be used to download other malicious payloads, including malware or adware. up to 10.14.3.

Engineering 145

Engineering Malware Adware Antivirus 145

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware 145

Malware Scams Social Engineering Phishing 145

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware 98

Spyware Surveillance Mobile Malware 98

Security Affairs

JULY 18, 2019

Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension. The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The attack starts with spear-phishing emails containing weaponized attachments, the malware is distributed via Russian hosting providers.

Spyware 109

Spyware Malware Advertising Cyber Attacks 109

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware 104

Spyware Surveillance Mobile Advertising 104

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan.

Malware 127

Malware Banking Mobile Advertising 127

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware 132

Malware Advertising Spyware Government 132

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 131

Malware Phishing Spyware Cyber threats 131

Security Affairs

AUGUST 22, 2019

The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security checks. “ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 103

Spyware Advertising Malware Mobile 103

Heimadal Security

DECEMBER 14, 2021

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). The post Agent Tesla Spyware Used in Phishing Campaign appeared first on Heimdal Security Blog.

Spyware 84

Spyware Phishing Internet Internet 84

Security Affairs

JULY 9, 2020

Check Point research discovered that the Joker (aka Bread) Android malware once again has bypassed protections implemented by Google for its Play Store. “Check Point’s researchers recently discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play. . Pierluigi Paganini.

Malware 112

Malware Spyware Advertising Mobile 112

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords 144

Passwords Spyware VPN Malware 144

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – scranos malware, malware).

Spyware 102

Spyware Adware Malware Accountability 102

Security Affairs

JANUARY 12, 2020

Google revealed it successfully removed more than 1,700 apps from the Play Store over the past three years that had been infected with the Joker malware. Google provided technical details of its activity against the Joker malware (aka Bread) operation during the last few years.

Malware 101

Malware Spyware Advertising Mobile 101

Security Affairs

JULY 12, 2020

. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance 141

Surveillance Spyware Advertising Marketing 141

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea. Pierluigi Paganini. SecurityAffairs – hacking, UEFI).

Firmware 145

Firmware Spyware Surveillance Hacking 145

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 77

Spyware Surveillance Advertising Malware 77

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 144

Spyware Surveillance Advertising Mobile 144

Security Affairs

AUGUST 23, 2018

Security researchers from Bitdefender have spotted a new Android spyware framework dubbed Triout that could be used to create malware with extensive surveillance capabilities. The malware was likely spread through third-party marketplaces or domains controlled by the attackers that host the malicious code. Pierluigi Paganini.

Spyware 71

Spyware Surveillance Advertising Malware 71

Security Affairs

AUGUST 30, 2018

Security experts from Kaspersky Lab have uncovered a new strain of Android malware dubbed BusyGasper that remained hidden for two years. The BusyGasper Android spyware has been active since May 2016, it implements unusual features for this type of malware. ” reads the report published by Kaspersky.

Spyware 72

Spyware Malware Advertising Banking 72

Krebs on Security

JANUARY 14, 2019

On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against a number of hospitals in 2014. Daniel Kaye , an Israel-U.K. According to court testimony, Kaye was hired in 2015 to attack Lonestar , Liberia’s top mobile phone and Internet provider.

DDOS 221

DDOS Internet Internet Spyware 221

Security Affairs

APRIL 21, 2020

Hackers launched spear-phishing attacks against organizations in the oil and gas industry sector spreading the Agent Tesla info-stealer malware. The attacks aim at infecting victims with the infamous Agent Tesla info-stealer malware. To do this, the spyware creates different threads and timer functions in the main function.

Spyware 136

Spyware Manufacturing Malware Engineering 136

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. Criminal organizations leverage encrypted messaging services for their communications, for this reason the Government decided to authorize the use of surveillance spyware against suspects of violent crimes.

Spyware 75

Spyware Government Surveillance Encryption 75

Security Affairs

APRIL 5, 2019

ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. Introduction.

Banking 109

Banking Malware Cryptocurrency Advertising 109

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. In 2014, the U.S. An advertisement for Orcus RAT.

Advertising 255

Advertising Malware Software Marketing 255

Security Affairs

SEPTEMBER 27, 2020

Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 145

Malware Advertising Spyware Encryption 145

Security Affairs

APRIL 28, 2020

The malware was an info stealer and according to the researchers, it was part of a long-term campaign, tracked as “PhantomLance” that has been active at least since December 2015. We informed Google of the malware, and it was removed from the market shortly after.” ” reads the analysis published by Kaspersky.

Malware 141

Malware Advertising Marketing Hacking 141

Security Affairs

DECEMBER 12, 2024

The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. These are the first known mobile malware families linked to the Russian APT. Gamaredon has been launching cyber-espionage campaigns on Ukraine since at least 2014.

Mobile 97

Mobile Malware Surveillance Social Engineering 97