Malwarebytes

OCTOBER 31, 2024

Last time FakeCall reared its head, BleepingComputer reported that the malware was being distributed as fake banking apps that impersonate large financial institutions, as well as being distributed in phishing emails. The FakeCall malware abuses this trust by hijacking the user’s call to a financial institution.

Banking 144

Banking Malware Phishing Risk 144

Schneier on Security

SEPTEMBER 17, 2024

Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS.

Malware 305

Malware Social Engineering Engineering Hacking 305

Security Affairs

OCTOBER 29, 2024

Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “ Civil Defense.”

Malware 119

Malware Social Engineering Software Mobile 119

Schneier on Security

SEPTEMBER 12, 2022

It’s pretty nasty : The malware was dubbed “ Shikitega ” for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to “mutate” its code to avoid detection.

Malware 310

Malware Backups IoT Software 310

Security Affairs

FEBRUARY 13, 2025

Valve removed a game from Steam because it contained malware, the company also warned affected users to reformat their operating systems. PCMag cited the case of a gamer who downloaded the game and reported that his accounts were hijacked using stolen cookies. SteamDB estimates that over 800 users may have downloaded the game.

Malware 110

Malware Antivirus Accountability Software 110

Krebs on Security

MARCH 12, 2020

In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by John Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware. As long as this pandemic remains front-page news, malware purveyors will continue to use it as lures to snare the unwary.

Malware 364

Malware Passwords Cybercrime Software 364

eSecurity Planet

OCTOBER 22, 2024

These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. You are then guided to execute PowerShell code designed to “fix” the supposed problem, unwittingly allowing malware to infiltrate their systems.

Scams 124

Scams Malware Phishing Social Engineering 124

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. ” Image: SlowMist. .

Malware 316

Malware Cryptocurrency Software Phishing 316

Schneier on Security

FEBRUARY 7, 2023

Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.

Malware 283

Malware Phishing Cybercrime 283

Tech Republic Security

NOVEMBER 22, 2023

Atomic Stealer malware advertises itself through ClearFake browser updates disguised as Google's Chrome and Apple’s Safari.

Malware 200

Malware Advertising Cybersecurity 200

Malwarebytes

JANUARY 9, 2025

Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates.

Malware 124

Malware Small Business Artificial Intelligence VPN 124

Malwarebytes

JANUARY 16, 2025

The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminals groups under control of the Peoples Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims’ computers.

Malware 112

Malware DNS Internet Internet 112

Webroot

OCTOBER 31, 2024

In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. Now let’s take a look at this year’s Nastiest Malware. It is the most successful and lucrative avenue for monetizing a breach of a victim.

Malware 104

Malware Ransomware Passwords Healthcare 104

Security Affairs

FEBRUARY 17, 2025

Microsoft Threat Intelligence discovered a new variant of the macOS malware XCSSET in attacks in the wild. XCSSET is a sophisticated modular macOS malware that targets users by infecting Xcode projects, it has been active since at least 2022. Microsoft observed that the malware was employed in limited attacks.

Malware 70

Malware Hacking Software 70

Troy Hunt

AUGUST 29, 2023

Today, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure.

Malware 329

Malware Passwords Password Management Antivirus 329

Security Affairs

DECEMBER 27, 2024

North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers. Since November 2024, threat actors employed the malware OtterCookie, alongside BeaverTail and InvisibleFerret, in the campaign.

Malware 88

Malware Cryptocurrency Software Hacking 88

The Hacker News

JULY 3, 2024

The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal.

Malware 133

Malware 133

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. We’ve archived the leak and made it available for download on GitHub.”

Malware 143

Malware Cryptocurrency Encryption Passwords 143

Security Affairs

JANUARY 5, 2025

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware. sys driver.

Malware 130

Malware Encryption Phishing Hacking 130

Schneier on Security

MARCH 8, 2023

Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.” ” Dubbed BlackLotus, the malware is what’s known as a UEFI bootkit. This is impressive stuff.

Malware 284

Malware Firmware Software Hacking 284

Malwarebytes

JANUARY 3, 2025

If interested, the victim will receive a download link and a password for the archive containing the promised installer. The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. fr leyamor[.]com

Scams 141

Scams Identity Theft Media Accountability 141

The Hacker News

OCTOBER 8, 2024

Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads.

Engineering 132

Engineering Malware 132

Malwarebytes

JANUARY 22, 2025

The MotW is what triggers warnings that opening or running such files could lead to potentially dangerous behavior, including installing malware on their devices. 7-Zip does not have an auto-update function, so you will have to download the version that is suitable for your system from the 7-Zip downloads page.

Internet 141

Internet Internet Malware Risk 141

Tech Republic Security

JANUARY 18, 2023

The volume of cloud-based malware tripled in 2022 over the prior year, says Netskope, with 30% of the malicious downloads coming from Microsoft OneDrive. The post Rise of cloud-delivered malware poses key security challenges appeared first on TechRepublic.

Malware 208

Malware Cybersecurity 208

SecureList

OCTOBER 15, 2024

The document or LNK file starts a multi-stage infection chain with various JavaScript and.NET downloaders, which ends with the installation of the StealerBot espionage tool. All the documents use the remote template injection technique to download an RTF file that is stored on a remote server controlled by the attacker.

Malware 143

Malware Encryption Architecture Phishing 143

Schneier on Security

JUNE 9, 2023

The code within the exploit downloads several subsequent stages from the C&C server, that include additional exploits for privilege escalation. After successful exploitation, a final payload is downloaded from the C&C server, that is a fully-featured APT platform.

Malware 277

Malware Backups Mobile 277

Security Affairs

JANUARY 10, 2025

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. “Victims are prompted to download and run a fake application, which serves as a downloader for the cryptominerXMRig.”

Phishing 113

Phishing Scams Malware Authentication 113

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 125

Malware Software Passwords Cryptocurrency 125

Tech Republic Security

NOVEMBER 8, 2023

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

Malware 197

Malware Phishing Software Mobile 197

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. ru , which for many years was a place to download pirated e-books. WHO RUNS CRYPTOR[.]BIZ?

Malware 261

Malware Antivirus Cybercrime Hacking 261

Security Affairs

MARCH 10, 2025

Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert ( WPD ) tools by crooks to distribute malware under this pretense, the researchers spotted the campaign.

Cryptocurrency 92

Cryptocurrency Malware Social Engineering Antivirus 92

The Hacker News

AUGUST 23, 2024

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. This memory-only dropper decrypts and executes a PowerShell-based downloader," Google-owned Mandiant said.

Malware 131

Malware Cybersecurity 131

SecureList

OCTOBER 29, 2024

Attackers are increasingly distributing malware through a rather unusual method: a fake CAPTCHA as the initial infection vector. As with the previous stage, the victim doesn’t always encounter malware. Inside this content is an obfuscated PowerShell script that ultimately downloads the malicious payload.

Adware 124

Adware Malware Cryptocurrency Password Management 124

Krebs on Security

SEPTEMBER 19, 2024

Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. This malware attack pretends to be a CAPTCHA intended to separate humans from bots.

Phishing 318

Phishing Scams Malware Passwords 318

SecureList

NOVEMBER 29, 2024

The group’s victims according to its DLS as a percentage of all groups’ published victims during the period under review ( download ) Number of new modifications In Q3 2024, we detected three new ransomware families and 2109 new variants, or half of what we discovered in the previous reporting period. 2 China 0.95 3 Libya 0.68

Mobile 106

Mobile Adware Ransomware Malware 106

SecureList

MARCH 5, 2025

Dynamics of Windows Packet Divert detections ( download ) The growing popularity of tools using Windows Packet Divert has attracted cybercriminals. They started distributing malware under the guise of restriction bypass programs and injecting malicious code into existing programs. com , which hosted the infected archive.

Malware 102

Malware Cryptocurrency Antivirus Technology 102

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware 290

Malware Cybercrime Software Accountability 290