Chrome Extension Deploys Windows Malware to Steal Cryptocurrency and Clipboard Contents

Security analysts at Avast have detected ViperSoftX, a Windows malware that uses a Google Chrome extension called VenomSoftX to steal cryptocurrency and clipboard contents. A JavaScript-based RAT and crypto-hijacker are hidden within this Chrome extension, which constantly attempts to steal cryptocurrency and clipboard contents. Approximately 93,000 ViperSoftX infection attempts […]

BazarLoader Windows Malware Lets Hackers Gain Backdoor Access & Network Reconnaissance

A BazarLoader Windows malware campaign has been detected recently by the security firm Unit42 of Palo Alto Networks that was hosting one of its malicious files on Microsoft’s OneDrive service. This BazarLoader Windows malware enables the threat actors backdoor access and network reconnaissance. After the revelation of this incident, a former senior threat intelligence analyst of […]

Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal

Cybercriminals with suspected ties to Pakistan continue to rely on social engineering as a crucial component of their operations as part of an evolving espionage campaign against Indian targets, according to new research. The attacks have been linked to a group called Transparent Tribe, also known as Operation C-Major, APT36, and Mythic Leopard, which has […]

Windows Malware ‘Aggah’ Infects Your PCs Through Microsoft Word Docs

The latest in a series of online attacks is ‘Aggah’, a global malware campaign with roots in the Middle East. The Windows Malware comprises a commodity Trojan script being spread via an infected Microsoft Word Document. The perpetrators are tricking users into downloading and activating the malicious code using RevengeRAT. Since RevengeRat is comprised of […]

Hundreds of Android apps on Play Store infected with Windows malware

Yes, malware in Android apps aimed at Windows devices. Palo Alto Networks’ researchers have made a startling new discovery that nearly 145 applications available on the Google Play Store contain malicious Microsoft Windows executable files. Some of the malware-infected apps have been downloaded over a thousand times and display 4-star ratings. The malicious code cannot […]

Google Removed 145 Malicious Apps from Google Play Store that Carry Windows Malware

Google removed around 145 apps from the Google Play store that were infected by Windows malware, which was not developed to infect the Android platform but Windows OS devices. The removed APK files were infected while developers were creating these apps on compromised Windows platforms, where attackers had infected the applications with a Windows-based keylogger. These types of […]

This sneaky Windows malware delivers adware – and takes screenshots of your desktop

Zacinlo malware has been targeting Windows devices since 2012. A newly uncovered form of stealthy and persistent malware is distributing adware to victims across the world while also allowing attackers to take screenshots of infected machines’ desktops. Discovered by researchers at Bitdefender, the malware has been named Zacinlo after the name of the final payload that’s […]

Lame Google Play apps that attack users with Windows malware are still a thing

Researchers find 150 Ramnit-infected apps a year after a similar batch was discovered. Last year, researchers discovered 132 Android apps in the Google Play market that lamely attempted to infect users with… Windows malware. On Wednesday, researchers with a different security company reported finding 150 more. The latest batch of apps, like the ones 12 months ago, were […]

CIA Developed Windows Malware That Alters Boot Sector to Load More Malware

WikiLeaks published today documentation on the CIA Angelfire project, a malware framework developed to infect Windows computers. According to a leaked CIA manual, Angelfire is made up of five components, each with its own purpose: ↦ Solartime – Malware that modifies the boot sector to load Wolfcreek. ↦ Wolfcreek – Self-loading driver that can load other drivers and user-mode applications. […]

WikiLeaks Reveals ‘AfterMidnight’ & ‘Assassin’ CIA Windows Malware Frameworks

When the world was dealing with the threat of the self-spreading WannaCry ransomware, WikiLeaks released a new batch of CIA Vault 7 leaks, detailing two apparent CIA malware frameworks for the Microsoft Windows platform. Dubbed “AfterMidnight” and “Assassin,” both malware programs are designed to monitor and report back actions on the infected remote host computer […]

Hundreds of Android Apps on Google Play Store Infected with Windows Malware

Android apps have always remained an easy target of exploitation primarily because of the high number of Android users across the globe. In the latest research analysis from security firm Palo Alto Networks, it was revealed that around 132 Android apps on Google Play store contain malicious coding. This could be due to the use of infected computers by […]

Posing as ransomware, Windows malware just deletes victim’s files

Tagged as “Ranscam”, the PowerShell and script-based malware is a botched smash-and-grab. There has been a lot of ingenuity poured into creating crypto-ransomware, the money-making malware that has become the scourge of hospitals, businesses, and home users over the past year. But none of that ingenuity applies to Ranscam, a new ransom malware reported by Cisco’s Talos […]

Detecting Windows-based Malware Through Better Visibility

Despite a plethora of available security solutions, more and more organizations fall victim to ransomware and other threats. These continued threats aren’t just an inconvenience that hurts businesses and end users – they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that wasn’t enough – North Korea appears […]

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it’s likely associated with the North Korean state-sponsored group tracked as Kimsuky (aka Emerald Sleet, Springtail, or Velvet Chollima). “The malware payloads used in the […]

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet’s infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month. “The new version of ZLoader […]

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named “WS.” “These packages incorporate Base64-encoded […]

How to exploit Windows Defender Antivirus to infect a device with malware

Trend Micro’s recent threat hunting efforts have uncovered active exploitation of CVE-2023-36025, a vulnerability in Microsoft Windows Defender SmartScreen, by a new strain of malware known as Phemedrone Stealer. This malware targets web browsers, cryptocurrency wallets, and messaging apps like Telegram, Steam, and Discord, stealing data and sending it to attackers via Telegram or command-and-control […]

New Go-Based JaskaGO Malware Targeting Windows and macOS Systems

A new Go-based information stealer malware called JaskaGO has emerged as the latest cross-platform threat to infiltrate both Windows and Apple macOS systems. AT&T Alien Labs, which made the discovery, said the malware is “equipped with an extensive array of commands from its command-and-control (C&C) server.” Artifacts designed for macOS were first observed in July […]

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems

Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor. “In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both,” ESET […]

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware

A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE. “MSIX is a Windows app package format that developers can leverage to package, distribute, and install their applications […]