Malwarebytes

FEBRUARY 16, 2021

Today, we are showing readers just what that evolution looked like, in our State of Malware 2021 report. This report provides our most comprehensive analysis of last year’s malware trends, with breakdowns by malware category, malware type, operating system, region, industry, and more.

Malware 132

Malware Scams Spyware Healthcare 132

SecureList

DECEMBER 16, 2021

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. We dubbed the newly-identified malware PseudoManuscrypt. In 2020, the group used Manuscrypt in attacks on defense enterprises in different countries.

Spyware 136

Spyware Energy and Utilities Malware VPN 136

SecureList

MARCH 20, 2024

Introduction Malware for mobile devices is something we come across very often. million malware, adware, and riskware attacks on mobile devices. Last month, we wrote a total of four private crimeware reports on Android malware, three of which are summarized below. In 2023 , our technologies blocked 33.8 and sends it to the C2.

Malware 129

Malware Mobile Firmware Spyware 129

Security Affairs

APRIL 11, 2021

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. ” reads the post published by Dr. Web.

Malware 145

Malware Spyware Mobile Antivirus 145

Security Affairs

MAY 22, 2020

ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. This actor was first spotted by PaloAlto’s UNIT42 in 2018 during wide scale operations against technology, retail, manufacturing, and local government industries in the US, Europe and Asia.

Manufacturing 144

Manufacturing Malware Spyware Cyber threats 144

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware 104

Spyware Advertising Encryption Phishing 104

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware 105

Spyware Surveillance Telecommunications Mobile 105

eSecurity Planet

JULY 21, 2021

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. The impact of the burgeoning scandal continues to ripple.

Spyware 126

Spyware Mobile Government Surveillance 126

Security Affairs

MAY 29, 2023

Cisco Talos and the Citizen Lab researchers have published a technical analysis of the powerful Android spyware Predator. Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox).

Spyware 98

Spyware Surveillance Media Malware 98

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 138

Spyware Energy and Utilities Malware Engineering 138

Malwarebytes

AUGUST 25, 2022

September 2021 saw a huge spike of exploit detections against the manufacturing industry, with a distributed spread between California, Florida, Ohio, and Missouri. This is combined with heavy detections of unseen malware, identified through our AI engine, spiking in May as well as September 2021.

Manufacturing 84

Manufacturing Scams Phishing Malware 84

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The campaigns involved a new piece of malware called BadBazaar and new variants of the MOONSHINE surveillance software discovered by Citizen Lab in 2019 and employed in attacks against Tibetan activists. .

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5%

Spyware 141

Spyware Manufacturing Small Business Surveillance 141

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware 105

Malware Adware Spyware Antivirus 105

SecureList

NOVEMBER 28, 2024

Most of the infections were still at financial institutions in Vietnam, with one victim active in the manufacturing industry. We also found Cobalt Strike beacons and several traces tying this actor to the ShadowPad malware and UNC2643 activity, which is in turn associated with the HAFNIUM threat actor.

Malware 116

Malware Government Software Spyware 116

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. More on that later.

Mobile 145

Mobile Malware Adware Banking 145

Security Affairs

APRIL 21, 2020

Hackers launched spear-phishing attacks against organizations in the oil and gas industry sector spreading the Agent Tesla info-stealer malware. The attacks aim at infecting victims with the infamous Agent Tesla info-stealer malware. To do this, the spyware creates different threads and timer functions in the main function.

Spyware 136

Spyware Manufacturing Malware Engineering 136

Security Affairs

SEPTEMBER 16, 2024

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group , citing the risk of “threat intelligence” information exposure. ” reads the court filing.

Surveillance 118

Surveillance Spyware Risk Hacking 118

Security Boulevard

MARCH 17, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user. In theory, these could be abused for malicious actions.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

Security Affairs

FEBRUARY 9, 2023

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. Chinese manufacturers have yet to comment on the research. In China, phone numbers are registered under a citizen ID, which means that was possible to link the device to the real identity of the owners.

Mobile 98

Mobile Malware Surveillance Spyware 98

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 121

Data breaches Computers and Electronics Spyware Cybercrime 121

The Last Watchdog

MAY 20, 2019

Malware deliveries Upon reviewing Android usage data for all of 2018, Google identified a rise in the number of “potentially harmful apps” that were preinstalled or delivered through over-the-air updates. Here are a few key developments everyone should know about. Why did they go there?

Mobile 138

Mobile Spyware Banking Manufacturing 138

SecureList

DECEMBER 9, 2024

Other notable supply chain attacks in 2024 include: Hackers injected malware directly into the source code of the largest Discord bot platform. The packages imitated libraries for LLMs, whereas in fact they downloaded the JarkaStealer malware to the victim’s system.

Internet 106

Internet Internet Risk Social Engineering 106

SiteLock

AUGUST 27, 2021

In the three years since those first IoT botnet attacks, threats to IoT security have increased to include crypto-jacking , denial of service (DDoS) attacks, and various other types of malware and online malfeasance. Most manufacturers of IoT enabled devices update their firmware frequently. Update, Update, Update.

IoT 98

IoT Spyware VPN Passwords 98

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 110

Spyware Backups Manufacturing Data breaches 110

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 127

Artificial Intelligence Firmware Data breaches Hacking 127

SecureList

SEPTEMBER 13, 2023

Percentage of ICS computers on which malicious objects were blocked in Africa and regions of Asia Individual industries In H1 2023, the percentage of ICS computers on which malicious objects were blocked increased in engineering and ICS integration (by 2 pp), manufacture (by 1.9 pp) and energy (by 1.5

Spyware 136

Spyware Internet Internet Manufacturing 136

Security Affairs

SEPTEMBER 12, 2019

“The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands.” ” continues the post. ” states the post. .”

Hacking 112

Hacking Mobile Spyware Manufacturing 112

Security Affairs

MARCH 22, 2021

of computers in the ICS engineering and integration sector protected by Kaspersky were targeted by malware, an increase compared with detections for H1 2020 (31.5%). Building automation, automotive manufacturing, energy and oil & gas, suffered major increases in the ICS engineering sector. In H2 2020, 39.3%

Engineering 141

Engineering VPN Accountability Software 141

Security Affairs

OCTOBER 8, 2024

Please contact your device manufacturer for more information on the patch status about specific devices.” ” The researchers haven’t published details about the attacks exploiting the CVE-2024-43047, however, the reporting organizations are known for investigating cyberattacks linked to commercial spyware vendors.

Mobile 118

Mobile Spyware Manufacturing Hacking 118

Security Affairs

MAY 24, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches 101

Data breaches Advertising Spyware Hacking 101

Security Affairs

JULY 3, 2019

The spyware, called Feng Cai (??) Researchers at German cybersecurity firm Cure53 found evidence that the app was developed by a unit of FiberHome, a Chinese telecom manufacturer that is partly owned by the government. Beijing believes that Uighurs are responsible for Islamic extremism and terrorist attacks on Chinese targets.

Surveillance 94

Surveillance Spyware Advertising Government 94

SecureList

NOVEMBER 18, 2022

Rootkits are malware implants that are installed deep in the operating system. However, on one of the infected machines, we found malware that we think is probably related to CosmicStrand. This malware creates a user named “aaaabbbb” in the operating system with local administrator rights. Other malware.

Malware 123

Malware Computers and Electronics Adware Cryptocurrency 123

Pen Test Partners

JANUARY 14, 2025

Researching them online was difficult as manufacturer and product names are chaotic. The ability to manipulate partitions on the device is especially concerning because it allows for a wide range of malicious activities, including rooting the device, installing spyware or creating backdoors for further exploitation.

Firmware 75

Firmware Malware Manufacturing Mobile 75

SecureList

DECEMBER 1, 2023

To exfiltrate data and deliver next-stage malware, the attackers abuse cloud-based data storage, such as Dropbox or Yandex Disk, as well as a temporary file sharing service. However, they included an additional module that constantly monitored the messenger and sent data to the spyware creator’s C2 server.

Malware 137

Malware Ransomware Encryption Energy and Utilities 137

Security Affairs

JANUARY 10, 2021

The Brazilian aerospace giant Embrarer manufactures commercial, executive and military aircraft and are the world’s third largest aircraft manufacturer after Boeing and Airbus. For more information on this, see: Manchester United Football Club Cyber Attack. 30 th November 2020 – Embrear ( www.embrear.com ).

Cyber Attacks 124

Cyber Attacks Government Software Surveillance 124

Security Boulevard

NOVEMBER 20, 2023

And it will proactively manufacture - not just require you to self-discover - custom insights aligned with your adversaries and your interests. HYAS Malware Detonations The milestone we’ve achieved this month is the re-tooling of our malware detonation infrastructure and the data pipeline that feeds many parts of HYAS Insight.

Malware 72

Malware Spyware DNS Architecture 72