Browsing category
Threat actors distribute malware by posting malicious ads that redirect users to the websites that offering malicious downloads disguised as document templates. The hacker group abused Yandex.Direct, an online advertising network to post the malvertising campaign and the malware hosted on GitHub. According to ESET Research team report, the campaign distributes the well-known Buhtrap and […]
Hackers exploiting the recently disclosed Oracle WebLogic Server remote code execution vulnerability to install a new variant of ransomware called “Sodinokibi.” The vulnerability allows anyone with HTTP access to the server can carry out the attack without authentication. The vulnerability affects Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0, Oracle fixed the issue on April 26, and […]
The Emotet malware has been frequently covered here in Hackercombat since July last year. It is not uncommon for a cyber security-centered website to discuss most if not all of its infection instances since it is a very complex banking trojan which continues to receive enhancements from its authors. This time around, we will cover […]
The Banking and Financial sectors were hit with a constant stream of cyber attacks when compared to any of the other industries. 25.7 percent of all malware attacks last year focused on Banks and Financial Services Organizations. According to Intsights Q1 2019 report, the credentials leak doubled to any of the quarters of 2018. The […]
Criminal activities against accountants on the rise – Buhtrap and RTM still active
In 2018 Palo Alto Networks’ Unit 42 researchers announced that they have identified a spear phishing campaign that is targeting U.S. National security think tanks and academic institutions. Research indicates that the “threat actor might have interests in gathering intelligence related to not only North Korea but possibly wider in the Northeast Asia region.” According […]
While detecting malicious software hidden in hardware parts is an incredibly complex task, cyber forensics course specialists believe that important steps are being taken to address this attack vector. Recently, threat actors have refined their methods to hide malware within the firmware of hard disks, graphics cards, motherboards and other commonly used components for the […]
Security researchers tracked a new malware loader JasperLoader, which has been active for the last few months and distributed through digitally signed emails. The campaign primarily targets European countries, it employs a multi-stage infection process with a number of obfuscation techniques, which make the analysis process more complicated. “Over the past several months, we’ve seen […]
A new wave of Emotet malware using a special type of evasion technique to fool the security software and hide the POST-infection traffic and evade the detection. Also it initially uses the hacked devices as proxy command and control (C&C) servers and redirects the traffic to the original C&C server that operating by threat actors. […]
Hackers use malicious MSI files that download and execute malicious files that could bypass traditional security solutions. The dropped malware is capable of initiating a system shutdown or targeting financial systems located in certain locations. Security researchers from TrendMicro discovered JScript/VBScript codes in several malicious *.msi files distributed through spam emails. The malicious JS code […]
Threat actors behind the new malware campaign DNSpionage created a new remote administrative tool that supports HTTP and DNS communication with C&C Server that operates by attackers. Based on a recent incident, the DNSpionage campaign which is developed and operates by APT 34 hacking group to perform MITM Attack to steal the authentication details through […]
Malware Analysis: An Introduction Cybercriminals are turning more sophisticated and innovative, new and advanced varieties of malware are coming up and malware detection is turning out to be a real challenge. Malware analysis, which involves analyzing the origin, the functionalities and the potential impact of any malware sample, is of key importance as regards cybersecurity […]
The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware. First uncovered in November last year, the DNSpionage attacks used compromised sites and crafted malicious documents to infect victims’ computers with DNSpionage—a custom remote administrative tool […]
Cybercriminals abusing Google sites via drive-by download attack to host dubbed “LoadPCBanker” banking malware to steal various sensitive data from compromised victims. Threat actors abusing Google sites file cabinets template and use it as a delivery medium and SQL as an exfiltration channel to share the stolen data to the remote server. Google Sites is […]
Researchers spotted a new wave of cyber attack from Russian speaking hacker who uses the weaponized TeamViewer to compromise and gain the full control of the Government network systems. Teamviewer is the most popular tool used for remote Desktop control, desktop sharing, online meetings, web conferencing and file transfer between computers. Based on the entire […]
More than 50 malicious apps with more than 30 Million installations found on Google play, that display annoying ads and in some cases, it convinces the user to install other apps. According to Avast, all the malicious apps are linked together using the third party Android libraries to bypasses background restrictions with the newer versions […]
New Malware attack campaign dubbed “Aggah” targeting various countries via weaponized Word documents and infect the victims by dropping the available RevengeRAT from Pastebin. Researchers from Palo Alto recently observed the largest malware campaign via telemetry and they named as Aggah based on the actor’s alias “hagga”. Threat actors behind this campaign also make use […]
ERMProtect Launches a new extensive list of animated chalkboard videos, digital games, cyber dictionaries, phishing tests and quizzes that allow employees to recognize the tactics followed by hackers. The educational games were launched to show the employees how to work safely online and to minimize the risk of triggering an organizational data breach. “The games […]
A group of hackers named “Lab Dookhtegan” leaked APT 34 Hacking Group owned powerful hacking tools, Malware source code and Web shell URL’s leaked via their Telegram channel which contains nearly 30 members. APT 34, a Well known hacking group believed to be originated from the Ministry of Intelligence of Iran that appears to target […]
Researchers discovered a new malicious campaign called “Sea Turtle,” attack public and private entities in various countries using DNS hijacking as a mechanism. State sponsored threat actors compromise at least 40 different organizations across 13 different countries during this malicious campaign in the first quarter of 2019. Attackers carried out highly persistent tactics and advanced […]
Cyber criminals launching a new malware campaign that make use of legitimate script engine AutoHotkey with a malicious script to evade detection and also gain the remote access to the targeted system. AutoHotkey is an open source Microsoft Windows tool that allows you to create macros, scripts, and automate frequently performed tasks on your computer. Attackers […]