Security Affairs

FEBRUARY 13, 2025

Valve removed a game from Steam because it contained malware, the company also warned affected users to reformat their operating systems. The Steam account of the developer for this game uploaded builds to Steam that contained suspected malware. ” A game called PirateFi released on Steam last week and it contained malware.

Malware 109

Malware Antivirus Accountability Software 109

Security Affairs

APRIL 2, 2025

The threat actor FIN7 , also known as Savage Ladybug, has developed a new Python-based malware, named Anubis Backdoor, which allows attackers to gain full remote control over infected Windows systems. “The malware is distributed as a ZIP package, which includes a single Python script alongside multiple Python executables.

Antivirus 128

Antivirus Cybercrime Malware Encryption 128

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Oddly, none of the several dozen antivirus tools available to scan the file at Virustotal.com currently detect it as malicious.

Hacking 363

Hacking Cybercrime DNS Internet 363

Schneier on Security

OCTOBER 11, 2019

Kaspersky has uncovered an Uzbeki hacking operation, mostly due to incompetence on the part of the government hackers.

Government 240

Government Malware Antivirus Hacking 240

Security Affairs

DECEMBER 1, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 71

Malware Social Engineering Antivirus Engineering 71

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. MacOS computers include X-Protect , Apple’s built-in antivirus technology.

Malware 323

Malware Cryptocurrency Software Phishing 323

eSecurity Planet

NOVEMBER 12, 2024

Norton 360 and McAfee Total Protection are device and user security solutions that focus on antivirus but also offer additional features like VPNs. 5 Customer support: 5/5 Norton Antivirus and Norton 360 are antivirus and security plans for consumers to protect up to 10 devices, including phones and tablets. 5 Pricing: 3.7/5

Antivirus 62

Antivirus Software Identity Theft VPN 62

Security Affairs

APRIL 2, 2025

The malware was discovered on counterfeit Android devices mimicking popular smartphone models. “The malware has broad functionality and gives attackers almost unlimited control over the gadget” The malware, embedded in the system framework, provides attackers full control over the device. 231 banking malware.

Malware 121

Malware Cryptocurrency Mobile Firmware 121

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Keeping devices updated and using reliable antivirus software also helps prevent malware-related data theft. from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services 120

Financial Services Passwords Accountability Antivirus 120

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 120

Malware Advertising Antivirus Cybercrime 120

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 131

Antivirus Malware DNS Cryptocurrency 131

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”

Retail 253

Retail Advertising Cryptocurrency Cybercrime 253

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. “Antivirus software trusts signed programs more. One of Megatraffer’s ads on an English-language cybercrime forum.

Malware 299

Malware Cybercrime Software Accountability 299

Security Affairs

MARCH 26, 2025

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. The malware maintains persistence via a.plist file.

Malware 71

Malware Adware Antivirus Marketing 71

Krebs on Security

MAY 17, 2022

Out of an abundance of caution, Mark submitted Saicoo’s drivers file to Virustotal.com , which simultaneously scans any shared files with more than five dozen antivirus and security products. He said Saicoo did not address his concern that the driver package on its website was bundled with malware.

Malware 353

Malware Government Internet Internet 353

Security Affairs

JANUARY 25, 2025

Cisco ClamAV (Clam AntiVirus) is an open-source antivirus engine designed to detect malware, viruses, and other malicious threats. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ClamAV)

Antivirus 133

Antivirus Software Engineering Malware 133

Security Affairs

FEBRUARY 4, 2025

Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous websites. The script retrieved from the remote server contains encoded data segments, which are decoded and executed to advance the malware’s operation.

Banking 118

Banking Malware Antivirus Cyber threats 118

The Hacker News

APRIL 24, 2024

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks.

Antivirus 137

Antivirus Cryptocurrency Malware Hacking 137

Schneier on Security

APRIL 2, 2021

News article : Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” “Guides for cheats will typically ask users to disable or uninstall antivirus software and host firewalls, disable kernel code signing, etc.”

Software 229

Software Malware Advertising Antivirus 229

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” continues the report.

Banking 121

Banking Malware Accountability Authentication 121

Security Affairs

DECEMBER 22, 2024

Panev and other developers were tasked to create and maintain the malware and infrastructure, while affiliates executed attacks and extorted ransoms, splitting the proceeds. He developed the code to disable antivirus software, deploy malware, and print ransom notes to all printers connected to a victim network.

Ransomware 120

Ransomware Small Business Antivirus Malware 120

eSecurity Planet

NOVEMBER 7, 2022

Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. The sophisticated malware was hidden in malicious Word file attachments. However, the same also goes for antivirus software and other anti-malware solutions.

Antivirus 117

Antivirus Software Malware Security Awareness 117

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 63

Malware Spyware Antivirus VPN 63

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. SecurityAffairs – hacking, cybercrime). ” reads the press release published by the Europol.

Malware 142

Malware Antivirus Cybercrime Software 142

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches 117

Data breaches Cybercrime Cyber Insurance Marketing 117

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 108

Architecture Internet Internet Malware 108

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The fake websites were masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes. exe.zip), malwarebytes.pro (MBSetup.rar). bitdefender-app[.]com

Malware 138

Malware Antivirus Cryptocurrency Hacking 138

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru

Hacking 235

Hacking Cybercrime Ransomware Government 235

Security Affairs

MARCH 10, 2025

Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert ( WPD ) tools by crooks to distribute malware under this pretense, the researchers spotted the campaign.

Cryptocurrency 91

Cryptocurrency Malware Social Engineering Antivirus 91

Hacker's King

JANUARY 8, 2025

You may also like to read: How Hackers Spy On Hacked Phone? How To Detect and Secure Yourself Hacker's Most Preferred Hacking Techniques These techniques can be described as the most liked techniques of users to hack Android devices. By using this technique, hackers extract any information required to hack your Android device.

Hacking 52

Hacking Spyware Antivirus Passwords 52

Security Affairs

JULY 26, 2021

Researchers demonstrated how to hide malware inside an image classifier within a neural network in order to bypass the defense solutions. Researchers Zhi Wang, Chaoge Liu, and Xiang Cui presented a technique to deliver malware through neural network models to evade the detection without impacting the performance of the network.

Malware 140

Malware Antivirus Artificial Intelligence Engineering 140

Security Affairs

SEPTEMBER 13, 2024

Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 Doctor Web researchers uncovered a malware, tracked as Vo1d , that infected nearly 1.3 In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. million Android devices in 197 countries.

Malware 140

Malware Firmware Antivirus Manufacturing 140

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

JULY 22, 2021

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products.

Malware 140

Malware Antivirus Passwords Firewall 140

Security Affairs

JANUARY 14, 2022

A weakness in the Microsoft Defender antivirus can allow attackers to retrieve information to use to avoid detection. Threat actors can leverage a weakness in Microsoft Defender antivirus to determine in which folders plant malware to avoid the AV scanning. SecurityAffairs – hacking, malware). Pierluigi Paganini.

Malware 145

Malware Antivirus Hacking Information Security 145

The Hacker News

JUNE 25, 2021

A previously undocumented Windows malware has infected over 222,000 systems worldwide since at least June 2018, yielding its developer no less than 9,000 Moneros ($2 million) in illegal profits.

Antivirus 142

Antivirus Hacking Malware Software 142

Security Affairs

SEPTEMBER 19, 2024

This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had disconnected all servers following a cyberattack on Saturday, September 14. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Doctor Web )

Antivirus 137

Antivirus Malware Hacking Information Security 137