Schneier on Security

FEBRUARY 7, 2025

Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times. The malware in question uses optical character recognition (OCR) to review a device’s photo library, seeking screenshots of recovery phrases for crypto wallets. ” That’s a tactic I have not heard of before.

Malware 240

Malware Spyware 240

Krebs on Security

FEBRUARY 6, 2025

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. As of this writing, DeepSeek is the third most-downloaded “free” app on the Apple store, and #1 on Google Play.

Risk 287

Risk Artificial Intelligence Mobile Encryption 287

Malwarebytes

JANUARY 22, 2025

7-Zip does not have an auto-update function, so you will have to download the version that is suitable for your system from the 7-Zip downloads page. Always be careful when opening archived files that you downloaded from the internet. Keep threats off your devices by downloading Malwarebytes today.

Internet 143

Internet Internet Malware Risk 143

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. “To conduct this scheme, cyber criminals across the globe are using any type of free document converter or downloader tool. .

Malware 113

Malware Scams Identity Theft Antivirus 113

Malwarebytes

OCTOBER 30, 2024

If there is an update available, Chrome will notify you and start downloading it. This vulnerability, tracked as CVE-2024-10487 , can be used by cybercriminals as a drive-by download. Keep threats off your devices by downloading Malwarebytes today. To manually get the update, click Settings > About Chrome.

Spyware 144

Spyware Architecture Advertising Engineering 144

Malwarebytes

JANUARY 3, 2025

If interested, the victim will receive a download link and a password for the archive containing the promised installer. The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. fr leyamor[.]com

Scams 143

Scams Identity Theft Media Accountability 143

Security Affairs

MARCH 31, 2025

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. The threat actor is using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a.

Phishing 110

Phishing Antivirus Encryption Hacking 110

Security Affairs

JANUARY 10, 2025

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. “Victims are prompted to download and run a fake application, which serves as a downloader for the cryptominerXMRig.”

Phishing 110

Phishing Scams Malware Authentication 110

The Last Watchdog

MARCH 28, 2025

Ransomware attacks typically involve tricking victims into downloading and installing the ransomware, which copies, encrypts, and/or deletes critical data on the device, only to be restored upon the ransom payment. Traditionally, the primary target of ransomware has been the victims device. .

Antivirus 147

Antivirus Ransomware Social Engineering Engineering 147

Security Boulevard

APRIL 3, 2025

is the shady entity behind a clutch of free VPN appswith over a million downloads. Bad Apple: Chinese firm banned by the U.S. The post App Stores OKed VPNs Run by China PLA appeared first on Security Boulevard.

VPN 123

VPN Social Engineering Data privacy Engineering 123

Security Affairs

JANUARY 5, 2025

The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware. Upon executing the archive, it drops a malicious Windows executable, which eventually downloads and executesthe PLAYFULGHOST payloadfrom a remote server. sys driver.

Malware 127

Malware Encryption Phishing Hacking 127

Security Affairs

FEBRUARY 4, 2025

XR500, the issue was fixed in firmware version 2.3.2.134 “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” Download the latest firmware for your NETGEAR product from the official website: Visit NETGEAR Support. Click Downloads. Click Download. ” reads the advisory.

Firmware 106

Firmware Authentication Hacking Information Security 106

SecureList

APRIL 2, 2025

Subsequent telemetry analysis indicated that the TookPS downloader , a malware strain detailed in the article, was not limited to mimicking neural networks. We identified fraudulent websites mimic official sources for remote desktop and 3D modeling software, alongside pages offering these applications as free downloads. com as the C2.

Software 92

Software Malware Security Awareness Authentication 92

Malwarebytes

OCTOBER 16, 2024

If an update is available, it will be downloaded. You will be prompted when the download is complete, then click Restart to update Firefox/Tor Browser. Keep threats off your devices by downloading Malwarebytes today. The About Mozilla Firefox/About Tor Browser window will open.

Risk 124

Risk Cybersecurity 124

Malwarebytes

MARCH 17, 2025

But in the background, their system has hidden malware in the file the victim has downloaded, which is capable of gathering information from the affected device such as: Personal identifying information (PII) including Social Security Numbers (SSN). Usually, they will, and the victim will think nothing more of it. This is the actual malware.

Malware 141

Malware Adware Education Phishing 141

Security Affairs

FEBRUARY 24, 2025

CYFIRMA researchers discovered that the SpyLend Android malware was downloaded 100,000 times from the official app store Google Play. The Finance Simplified app is still available on Google Play at the time of this reports publication, with downloads doubling to 100,000 in a week. ” reads the report published by CYFIRMA.

Malware 115

Malware Marketing Hacking Mobile 115

Security Affairs

JANUARY 4, 2025

The campaign is still ongoing and the malicious packages collectively totaled more than one thousand downloads. The attack has led to the identification of 20 malicious packages published by three primary authors, with the most downloaded package, @nomicsfoundation/sdk-test , accumulating 1,092 downloads.”

Encryption 131

Encryption Hacking Cybercrime Information Security 131

SecureList

OCTOBER 15, 2024

The document or LNK file starts a multi-stage infection chain with various JavaScript and.NET downloaders, which ends with the installation of the StealerBot espionage tool. All the documents use the remote template injection technique to download an RTF file that is stored on a remote server controlled by the attacker.

Malware 143

Malware Encryption Architecture Phishing 143

Malwarebytes

NOVEMBER 15, 2024

Physical letters that contain a QR code to trick people into downloading malware are being sent through the mail, according to a warning issued by The Swiss National Cyber Security Centre (NCSC). Some QR code scanner apps may have a feature that automatically executes actions like opening a website or downloading a file.

Malware 139

Malware Banking Mobile Software 139

Malwarebytes

MARCH 26, 2025

Should you happen to click the download button, you will receive a Trojan programmed in Microsoft Intermediate Language (MSIL), which the Artificial Intelligence (AI) module in Malwarebytes/ThreatDown products detects as Malware.AI.1323738514. Keep threats off your devices by downloading Malwarebytes today. 1323738514.

Artificial Intelligence 123

Artificial Intelligence Advertising Malware Risk 123

Security Affairs

MARCH 15, 2025

The attack involves executing a cmd script followed by a PowerShell script, which downloads three executables, including the Amadey botnet and two.NET executables (32-bit and 64-bit). The malware, dubbed PackerE, downloads an encrypted DLL (PackerD1) that employs multiple anti-analysis techniques.

Software 115

Software Cryptocurrency Malware Encryption 115

Schneier on Security

APRIL 15, 2025

As AI coding assistants invent nonexistent software libraries to download and use, enterprising attackers create and upload libraries with those names—laced with malware, of course.

Malware 231

Malware Software 231

SecureList

APRIL 8, 2025

Instead of the description copied from GitHub, the visitor is presented with an imposing list of office applications complete with version numbers and “Download” buttons. io/download. Page for downloading the suspicious archive Clicking that button finally downloads a roughly seven-megabyte archive named vinstaller.zip.

Passwords 84

Passwords Cryptocurrency Software Antivirus 84

Krebs on Security

JANUARY 25, 2024

Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. 252 do serve actual software downloads, but none of them are likely to be malicious if one visits the sites through direct navigation.

Software 322

Software Advertising Malware Accountability 322

Malwarebytes

APRIL 3, 2025

If you do not trust the URL, dont allow your device to open the link, and look for another way to get the information or download you want. Some QR code scanner apps may have a feature that automatically executes actions like opening a website or downloading a file. Disable features like these.

Phishing 140

Phishing Banking Mobile Accountability 140

SecureList

NOVEMBER 29, 2024

The group’s victims according to its DLS as a percentage of all groups’ published victims during the period under review ( download ) Number of new modifications In Q3 2024, we detected three new ransomware families and 2109 new variants, or half of what we discovered in the previous reporting period. 2 China 0.95 3 Libya 0.68

Mobile 106

Mobile Adware Ransomware Malware 106

Krebs on Security

SEPTEMBER 19, 2024

Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. Executing this series of keypresses prompts the built-in Windows Powershell to download password-stealing malware.

Phishing 328

Phishing Scams Malware Passwords 328

Malwarebytes

FEBRUARY 11, 2025

The lure that convinces people to download these apps varies. Before downloading any apps, you should look at the number of reviews. Most people will only ever need to download Android apps directly from the Google Play Store. Be wary of other app stores or marketplaces, and never download a mobile app directly from a website.

Phishing 132

Phishing Passwords Mobile Authentication 132

SecureList

OCTOBER 29, 2024

Inside this content is an obfuscated PowerShell script that ultimately downloads the malicious payload. Payload: Lumma stealer Initially, the malicious PowerShell script downloaded and executed an archive with the Lumma stealer. One of the modules can also take screenshots.

Adware 130

Adware Malware Cryptocurrency Password Management 130

Security Affairs

NOVEMBER 26, 2024

We’ve archived the leak and made it available for download on GitHub.” We've archived the leak and made it available for download on GitHub. ” Yesterday Banshee Stealer, the MacOS-based Malware-as-a-Service infostealer, had their source code leaked online.

Malware 142

Malware Cryptocurrency Encryption Passwords 142

Penetration Testing

APRIL 6, 2025

This campaign leverages fake CAPTCHAs and CloudFlare Turnstile to trick victims into downloading malware, which ultimately leads to the installation of a malicious browser extension. Netskope Threat Labs has uncovered a new malicious campaign that employs deceptive tactics to distribute the LegionLoader malware.

Malware 99

Malware Phishing Cybersecurity 99