SecureWorld News

MAY 9, 2025

Google's Threat Intelligence Group (GTIG) has identified a new malware strain, dubbed "LOSTKEYS," attributed to the Russian state-sponsored hacking group COLDRIVER. The introduction of LOSTKEYS signifies a strategic shift towards deploying malware for direct data exfiltration.

Malware 89

Malware Social Engineering Engineering Government 89

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency.

Scams 83

Scams Media Cryptocurrency Cybercrime 83

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus 113

Antivirus Malware Cybercrime Identity Theft 113

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015.

Phishing 254

Phishing Cybercrime Advertising Malware 254

Krebs on Security

NOVEMBER 1, 2024

” “That said, the phishing attacks stem from partners’ machines being compromised with malware, which has enabled them to also gain access to the partners’ accounts and to send the messages that your reader has flagged,” they continued. A scan of social media networks showed this is not an uncommon scam.

Phishing 263

Phishing Accountability Artificial Intelligence Cybercrime 263

Malwarebytes

JANUARY 3, 2025

The Nova Stealer and the Ageo Stealer are a Malware-as-a-Service (MaaS) stealer where criminals rent out the malware and the infrastructure to other criminals. Another campaign uses blogspot to host their malware. Protect your social media accounts by using Malwarebytes Identity Theft Protection. fr leyamor[.]com

Scams 142

Scams Identity Theft Media Accountability 142

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. as a media sharing device on a local network that was somehow exposed to the Internet. Image: spur.us.

Malware 293

Malware Passwords Accountability Advertising 293

SecureList

APRIL 23, 2025

We found that the malware was running in the memory of a legitimate SyncHost. Although the exact method by which Cross EX was exploited to deliver malware remains unclear, we believe that the attackers escalated their privileges during the exploitation process as we confirmed the process was executed with high integrity level in most cases.

Malware 144

Malware Software Encryption Internet 144

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. “This actor used our models to debug malware, for coding assistance in creating a basic scraper for Instagram, and to translate LinkedIn profiles into Persian.

Malware 136

Malware Social Engineering Engineering Hacking 136

Malwarebytes

MARCH 26, 2025

Our free Digital Footprint scan searches the dark web, social media, and other online sources, to tell you where your data has been exposed. Sure, its more convenient to get sites to remember your card details for you, but we highly recommend not storing that information. Find out what information is already out there.

Phishing 129

Phishing Malware Passwords Password Management 129

Schneier on Security

SEPTEMBER 19, 2024

The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types of internet-connected devices around the world, including home routers, cameras, digital video recorders, and NAS drives.

Telecommunications 305

Telecommunications Media Malware Internet 305

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. Authorities discovered that over 1 200 servers in dozens of countries were running the malware. ESET released a free online scanner for Redline and META that can help users detect and remove malware.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Security Affairs

DECEMBER 1, 2024

Deepfakes are media content—such as videos, images, or audio—created using GAI to realistically manipulate faces, voices, or even entire events. For example, these campaigns leverage fake social media accounts to post questions and comments about divisive internal issues in the U.S.

Artificial Intelligence 133

Artificial Intelligence Phishing Media Cyber threats 133

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 62

Malware Architecture IoT Ransomware 62

SecureList

MARCH 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. Our research is still ongoing, but judging by the functionality of the sophisticated malware used in the attack, it seems the attackers’ goal was espionage. Generic Trojan.Win64.Agent Agent Trojan.Win64.Convagent.gen

Malware 143

Malware Education Technology Media 143

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Encryption 142

Encryption Identity Theft Media Telecommunications 142

Security Affairs

APRIL 23, 2025

New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. These points can be converted to $TENEO tokens.

Cryptocurrency 114

Cryptocurrency Malware Media Hacking 114

Malwarebytes

FEBRUARY 4, 2025

These agents could even hold people for ransom by matching stolen data online with publicly known email addresses or social media accounts, composing messages and holding entire conversations with victims who believe a human hacker out there has access to their Social Security Number, physical address, credit card info, and more.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144

Security Affairs

AUGUST 4, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 139

Malware Spyware Media Phishing 139

Trend Micro

JULY 31, 2024

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

Media 138

Media Cyber threats Phishing Malware 138

SecureWorld News

APRIL 22, 2025

Attack methodology: a step-by-step breakdown The Elusive Comet campaign begins with cybercriminals impersonating venture capitalists, media representatives, or business partners to lure cryptocurrency professionals into Zoom meetings.

Cryptocurrency 94

Cryptocurrency Social Engineering Cybercrime Engineering 94

Security Affairs

MARCH 27, 2025

Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. ” reads the alert published by Malwarebytes.

Malware 67

Malware Data collection Advertising Media 67

Security Affairs

APRIL 25, 2025

The attackers used multiple hacking tools and malware, including ThreatNeedle , Agamemnon downloader, wAgent , SIGNBT, and COPPERHEDGE. We found that the malware was running in the memory of a legitimateSyncHost.exeprocess, and was created as a subprocess of Cross EX, legitimate software developed in South Korea.”

Malware 92

Malware Software Encryption Hacking 92

Krebs on Security

NOVEMBER 28, 2022

But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan , malware designed to surreptitiously intercept and forward text messages from Android mobile devices. But Reuters found that while Pushwoosh’s social media and U.S.

Mobile 285

Mobile Malware Technology Government 285

Krebs on Security

NOVEMBER 9, 2024

A review of EDR vendors across many cybercrime forums shows that some fake EDR vendors sell the ability to send phony police requests to specific social media platforms, including forged court-approved documents. “Unfortunately, a lot of this is phishing or malware campaigns,” Donahue said. dot-gov emails get hacked.

Hacking 280

Hacking Accountability Government Social Engineering 280

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing 295

Manufacturing Spyware Surveillance Marketing 295

Malwarebytes

MAY 1, 2025

Whereas early phishing scams arrived almost entirely through emails, modern phishing scams can reach victims through malicious websites, text messages, social media, and even mobile app downloads. Social media account hacks are not only a risk to content creatorstheyre a risk to any business with a legitimate online audience.

Small Business 82

Small Business Cybersecurity Passwords Scams 82

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41’s activities span from the mid-2000s to the present day.

Antivirus 363

Antivirus Hacking Software Government 363

Security Affairs

NOVEMBER 1, 2024

LightSpy can steal files from multiple popular applications like Telegram, QQ, and WeChat, as well as personal documents and media stored on the device. Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0 Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0

Spyware 142

Spyware Media Malware Hacking 142

Adam Levin

MARCH 31, 2022

Backups are inherently fallible, and can fall prey to malware, ransomware, power surges, and hardware failure. The only way to make sure your data is truly secured is by having backups of your backups.

Backups 293

Backups Media Malware Internet 293

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 136

Malware Software Passwords Cryptocurrency 136

Security Affairs

NOVEMBER 5, 2024

” UNC5537 used stolen credentials obtained via infostealer malware. Independent news outlet 404 Media also confirmed Krebs’s findings 404 Media in September 2024. This led to extensive data theft, with the attackers later attempting to extort victims and sell stolen data on criminal forums.

Unstructured Data 120

Unstructured Data Media Cybercrime Hacking 120

The Hacker News

FEBRUARY 2, 2025

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer.

Malware 123

Malware Cryptocurrency Scams Cybercrime 123

Joseph Steinberg

NOVEMBER 30, 2021

Initiate contact with a charity via its website/listed phone number/physical address/official social media accounts; never send payment details to anyone who initiates contact with you and claims to represent a charity. Also, keep in mind that image links could point to malware-spreading sites. Always use outbound communications.

Scams 363

Scams Artificial Intelligence Media Cryptocurrency 363

SecureList

NOVEMBER 29, 2024

Kaspersky solutions worldwide detected this type of malware on 297,485 unique user devices. This malware also possessed the capability to install a backdoor on compromised systems. User-generated content platforms, such as forums, and compromised legitimate websites are both susceptible to malware infection. 2 Tajikistan 1.63

Mobile 106

Mobile Adware Ransomware Malware 106

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116

The Hacker News

APRIL 10, 2024

Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious Windows Script Files (WSFs) since March 2024.

Malware 134

Malware Media Cybersecurity 134