The Hacker News

OCTOBER 22, 2024

Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Tracked under the names BlackWidow, IceNova, Lotus,

Phishing 140

Phishing Malware 140

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 200

Phishing Passwords Internet Internet 200

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing 144

Phishing Malware Computers and Electronics Internet 144

Security Affairs

NOVEMBER 2, 2022

Four malicious Android apps uploaded by the same developer to Google Play totaled at least one million downloads. The apps are infected with the Android/Trojan.HiddenAds.BTGTHB malware, the apps totaled at least one million downloads. 50,000+ downloads Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices).

Adware 132

Adware Mobile Phishing Malware 132

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 142

Government Phishing Malware Banking 142

CSO Magazine

JULY 25, 2022

Phishing , in which an attacker sends a deceptive email tricks the recipient into giving up information or downloading a file, is a decades-old practice that still is responsible for innumerable IT headaches. The fight against phishing is a frustrating one, and it falls squarely onto IT's shoulders.

Phishing 136

Phishing Passwords Malware 136

The Hacker News

MARCH 11, 2024

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said.

Banking 141

Banking Phishing Malware 141

Tech Republic Security

NOVEMBER 8, 2023

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

Malware 198

Malware Phishing Software Mobile 198

Security Affairs

AUGUST 3, 2024

A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. The campaign began around March 2024, the attackers leveraged phishing tactics that have been effective against diplomats for years, exploiting themes that prompt targets to engage with malicious content.

Phishing 140

Phishing Malware Advertising Authentication 140

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 139

Malware Phishing Spyware Cyber threats 139

Malwarebytes

OCTOBER 31, 2024

Last time FakeCall reared its head, BleepingComputer reported that the malware was being distributed as fake banking apps that impersonate large financial institutions, as well as being distributed in phishing emails. The FakeCall malware abuses this trust by hijacking the user’s call to a financial institution.

Banking 145

Banking Malware Phishing Risk 145

Krebs on Security

SEPTEMBER 27, 2023

The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord. 226 , currently assigned to Matrix Telekom in Russia. com and www-discord[.]com.

Ransomware 293

Ransomware Internet Internet Phishing 293

The Hacker News

APRIL 8, 2024

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023.

Malware 144

Malware Phishing 144

The Hacker News

JUNE 18, 2024

The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June 2023.

Malware 137

Malware Scams Mobile Phishing 137

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 135

Phishing Software Scams Banking 135

eSecurity Planet

OCTOBER 22, 2024

One of the most concerning tactics currently on the rise is the ClickFix campaign — a sophisticated phishing scheme targeting unsuspecting Google Meet users. These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. What Are ClickFix Campaigns?

Scams 122

Scams Malware Social Engineering Phishing 122

Security Affairs

JULY 14, 2024

A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details about a DarkGate malware campaign from March-April 2024. The malware is considered a sophisticated threat and is continuously improved.

Malware 139

Malware Cybercrime Software Phishing 139

The Hacker News

SEPTEMBER 30, 2023

Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah.

Malware 138

Malware Phishing 138

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware 143

Malware Banking Accountability Phishing 143

The Last Watchdog

NOVEMBER 6, 2023

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information.

Phishing 202

Phishing Scams Education Malware 202

Security Affairs

NOVEMBER 7, 2024

SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as “Hidden Risk.”

Malware 131

Malware Architecture Risk Cryptocurrency 131

SecureList

OCTOBER 5, 2022

We are often asked how targets are infected with malware. Our answer is nearly always the same: (spear) phishing. Last month, we focused on infection methods used in various malware campaigns: methods that we do not see used very often. It used cracked games and software as bait to trick users into installing malware.

Malware 145

Malware Architecture Ransomware Spyware 145

Security Affairs

AUGUST 21, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign conducted by the Vermin group that distributed malware.

Malware 135

Malware Spyware Phishing Cyber threats 135

SecureList

JUNE 22, 2023

We wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. The attackers target German-speaking companies in the DACH region.

Phishing 140

Phishing Encryption Cybercrime Ransomware 140

Security Affairs

JUNE 3, 2024

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. The experts observed the APT deploying Headlace in three distinct phases from April to December 2023, respectively, using phishing, compromised internet services, and living off the land binaries.

Malware 144

Malware Phishing Surveillance Internet 144

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. Among the new Fin7 domains Silent Push found are several sites phishing people seeking tickets at the Louvre.

Phishing 294

Phishing Cybercrime Malware Software 294

SecureList

JUNE 28, 2023

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.

Malware 145

Malware Cybercrime Ransomware Phishing 145

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 125

Phishing Software Scams Banking 125

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing 137

Phishing Adware Retail Malware 137

Malwarebytes

MAY 30, 2022

Intuit released a warning about a phishing email being sent to its customers. The phishing emails tell recipients that their account has been put on hold, and try to trick users into “validating their account” to release it again. Image of phishing email courtesy of Intuit. Delete any downloaded files immediately.

Phishing 142

Phishing Accountability Small Business Malware 142

SecureList

DECEMBER 17, 2024

The attackers would then send what appeared to be the photo itself but was actually a malware installer. In reality, this was malware with no parcel-tracking functionality whatsoever. The link directed users to a phishing site offering to download Mamont for Android ( 12936056e8895e6a662731c798b27333 ).

Scams 72

Scams Malware Social Engineering Banking 72

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. At the beginning of that year, we still observed phishing attacks that used the themes of infection and prevention as the bait.

Phishing 127

Phishing Scams Accountability Energy and Utilities 127

Malwarebytes

SEPTEMBER 11, 2023

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. exe and a bundled script.

Malware 141

Malware Social Engineering Cryptocurrency Cybercrime 141

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 336

Antivirus VPN Encryption Malware 336

The Hacker News

OCTOBER 2, 2024

A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures. "A

Phishing 134

Phishing Malware 134

Adam Levin

MARCH 17, 2022

Unfortunately, brackets create opportunities for a wide array of phishing and hacking campaigns, particularly in workplaces where a lot of brackets are distributed. March Madness brackets are a reliable delivery method for hackers to deliver malware. The outcome of over 60 games is wagered on through shared files or online services. .

Cyber threats 229

Cyber threats Phishing Passwords Malware 229

Krebs on Security

AUGUST 30, 2019

But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals. Stamford, Ct.

Phishing 219

Phishing Marketing Accountability DNS 219