Search Results for: malware

security

Over 50 Million Passwords Stolen by 30+ Russian Cybercrime Groups Using Stealer Malware

In the first seven months of 2022, up to 34 Russian-speaking gangs using the stealer-as-a-service business model to distribute information-stealing software stole no less than 50 million credentials. The Singapore-based Group-IB reported that the “underground market value of stolen logs and compromised card data is estimated to be over $5.8 million.” The thieves not only …

Zero-day

New QBot Malware is dropped by attack that leverages Windows Zero-Day flaw as a cover.

New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without Mark of the Web security warnings being shown. The Mark of the Web is a unique property that Windows adds to files when they are downloaded from an untrusted remote location, such as the Internet or an email attachment. …

InfoSec News Feeds

Hackers Hide Information-Stealing Malware in PNG Files Using Steganography

According to experts at Avast, who built on the discoveries of ESET, the first to notice and report on it, the threat group known as “Worok” conceals malware within PNG images to silently infect victims’ computers with information-stealing malware. Reports say it targets high-profile companies and local governments in Asia. Currently, they are targeting energy companies in Central …

google-play-store-malware

Malware Spotted on the Google Play Store Steals Banking Credentials & Intercepts SMS Messages

The Zscaler ThreatLabz team found the ‘Xenomorph’ banking trojan embedded in a Lifestyle app in the Google Play store. The app is named “Todo: Day manager” and has more than 1,000 downloads. The ‘Xenomorph’ trojan steals login information from banking applications on users’ devices. Additionally, it has the ability to intercept users’ SMS messages and …

Research: Preventative Approach Could Block 90% of Cyber-attacks

Cyber Today: Crypto Winter comes for FTX, oil and gas flow control vulnerability, images hide malware in PyPI

Crypto Winter comes for FTX

Earlier this week, crypto exchange Binance signed a letter of intent to acquire its rival FTX. This comes after FTX experienced a liquidity crunch and reached out to Binance for assistance. The letter did not bind Binance to complete the acquisition. However, less than a day after signing the deal, …

malware

More than 250 US news sites inject malware in possible supply chain attack

Researchers at Proofpoint disclosed in a Tweet Wednesday that more than 250 U.S. news organizations have accessed malicious SocGholish malware in what could potentially become a very dangerous supply chain attack. In the Tweet, Proofpoint said it observed intermittent injections on a media company that serves video and advertising services to many major news outlets. …

google-play-store-malware

Malicious Apps on Google Play deliver banking malware to victims

Android users are often advised to get mobile apps from Google Play, the company’s official app marketplace, to minimize the possibility of downloading malware. After all, Google analyzes apps before allowing them on the market. Unfortunately, time after time, we read about malware peddlers finding ways around that vetting process. “Distribution through droppers on official …

malware

US charges Ukrainian national over alleged role in Raccoon Infostealer malware operation

U.S. officials have charged a Ukrainian national over his alleged role in the Raccoon Infostealer malware-as-a-service operation that infected millions of computers worldwide. Mark Sokolovsky — also known online as “raccoonstealer,” according to an indictment unsealed on Tuesday — is currently being held in the Netherlands while waiting to be extradited to the United States. The U.S. …

infosec

Emotet Botnet Drops Malware via Self-Unlocking Password-Protected RAR Files

A surge of malspam campaigns has recently been attributed to the Emotet botnet. Taking advantage of password-protected archive files, the notorious trojan drops CoinMiner and Quasar RAT on the systems it takes over. In an attack chain detected by Trustwave SpiderLabs researchers, an invoice-themed ZIP file lure was found to contain a nested self-extracting (SFX) archive, with the first archive having …
