There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. Details.
federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. FBI agents entering PAX Technology offices in Jacksonville today. Headquartered in Shenzhen, China, PAX Technology Inc. organizations. Source: WOKV.com.
Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. Tyler Technologies declined to say how the intrusion is affecting its customers.
Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies, a Tata Motors subsidiary, suspended some IT services following a ransomware attack. Threat actors hit the company’s information technology (IT) infrastructure.
A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders.
Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. This simulation underscored the importance of adopting advanced technologies to address modern cyber challenges.
Lumen Technologies researchers reported that the J-magic campaign targets Juniper routers with a custom backdoor using a passive agent based on the cd00r variant (an open-source backdoor by fx). The J-magic campaign is notable for targeting JunoOS, a FreeBSD-based operating system that threat actors rarely target in malware attacks.
I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. And the technology will only get better. “It’s still too early to decide whether or not ChatGPT capabilities will become the new favorite tool for participants in the Dark Web,” company researchers wrote.
million attacks involving malware, adware or unwanted mobile software were prevented. million malware, adware or unwanted software attacks targeting mobile devices. Some time later, the user received a phishing link to download malware disguised as a shipment tracking app. A total of 1.1
Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 TB of stolen data. The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The group claims the theft of 1.4
Operational technology users face challenges including communication between process engineering and cyber security teams, a growth in malware and ransomware, and insiders making basic technology mistakes.
SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by navigating the world’s largest repository of recaptured breach, malware, and phishing data.
But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. Doug then messaged the Mr. Lee account on Telegram, who said there was some kind of technology issue with the video platform, and that their IT people suggested using a different meeting link.
Wired is reporting on a new remote-access Trojan that is able to infect at least eighty different targets: So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified at least 80 targets infected by the stealthy malware, including routers made by Cisco, Netgear, Asus, and DrayTek.
based technology companies. Donahue said 60 technology companies are now routing all law enforcement data requests through Kodex, including an increasing number of financial institutions and cryptocurrency platforms. “Unfortunately, a lot of this is phishing or malware campaigns,” Donahue said.
The consensus seems to be that the ZIP file currently harbors a malware threat known as Ramnit, a fairly common but dangerous trojan horse that spreads by appending itself to other files. He said Saicoo did not address his concern that the driver package on its website was bundled with malware. Image: Virustotal.com.
Killware is a type of malware deployed to cause physical harm: contaminate community water supplies, exploit and obstruct networks used by hospitals and healthcare facilities, jam air traffic control networks, contaminate gasoline supplies, and, in some instances, deliberately cause death where and when it is least expected.
Interisle sources data about cybercrime domains from anti-spam organizations, including the Anti-Phishing Working Group (APWG), the Coalition Against Unsolicited Commercial Email (CAUCE), and the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG). But this past year, Interisle found the U.S.
Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com, a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re
But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices. ” wherein Shmakov acknowledged writing the malware as a freelance project.
In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Generic Trojan.Win64.Agent
Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.
” Beyond previous reports on this threat actor’s focus on ICS and PLCs, the prompts observed during this campaign provide precious information on other technologies and software the state-sponsored hackers may target. This included working on malware that was still in development, and looking for information on potential targets.”
The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly a groundbreaking technology that will reinvent how we interact with the digital world. Related: Is the Metaverse truly secure?
A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. When ChatGPT was unveiled to the public in late 2022, security experts looked on with cautious optimism, excited about the new technology but concerned about its use in cyberattacks. Uhh, again, that is.
1, 2023 – Guardz, the cybersecurity company securing and insuring SMEs, today disclosed the existence of a Hidden Virtual Network Computing (hVNC) malware targeting macOS devices. While cybercriminals have predominantly designed malware to target Microsoft Windows devices at scale, they are now increasingly developing tools for macOS.
Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based
The malware uses different strings to load libraries and functions required for execution. q=0" Icon File Name : %systemroot%System32moricons.dll Machine ID : desktop-84bs21b Downloader module The RTF exploits and LNK files execute the same JavaScript malware. In particular, Avast and AVG solutions are of interest to the malware.
One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. “The team is committed to ongoing monitoring of addresses that are involved in spreading malware scripts on the BSC.
Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware.
Specifically, stories and news items where public and/or private organizations have leveraged their capabilities to encroach on user privacy; for example, data brokers using underhanded means to harvest user location data without user knowledge or public organizations using technology without regard for user privacy.
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. “The threat actor did not deploy malware or tamper with any customer files within the environment,” the notice reads.
To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. While fully agentic AI malware remains years away, the industry must prepare now. We can expect security teams feeling pressure to adopt new technology quickly.
In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources.
At RSA Conference 2022, which takes place next week in San Francisco, advanced technologies to help companies implement zero trust principles will be in the spotlight. Votiro has established itself as a leading supplier of advanced technology to cleanse weaponized files. This is a very good thing.
“This “SMS blasting” attack relies on using technology that impersonates cellular base stations and is capable of transmitting thousands of messages to devices within a close geographical radius.” ” first reported TechCrunch.
Sources close to the investigation tell KrebsOnSecurity the malware is known as Defray. Email security company Proofpoint says the Defray ransomware is somewhat unusual in that it is typically deployed in small, targeted attacks as opposed to large-scale “spray and pray” email malware campaigns.
The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024.
Shefel asserts he and his team were responsible for developing the card-stealing malware that Golubov’s hackers installed on Target and Home Depot payment terminals, and that at the time he was technical director of a long-running Russian cybercrime community called Lampeduza. “I’m also godfather of his second son.”
This technology is used in various utilities, including ones for bypassing blocks and restrictions of access to resources worldwide. They started distributing malware under the guise of restriction bypass programs and injecting malicious code into existing programs. After the download, it saves the payload named t.py
The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet. The botnet “targets network devices manufactured by WatchGuard Technologies Inc. WatchGuard) and ASUSTek Computer Inc. Those devices are still vulnerable.
To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.
government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. “This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada, the U.S.
The spyware’s deployment relied on Cellebrite’s unlocking process, combining two invasive technologies to compromise the journalists digital privacy comprehensively. The malware is deployed via the Android Debug Bridge (adb) command-line utility. ” reads the report published by Amnesty.