The case of the Netis router firmware backdoor shows you that even if a company puts out a patch to resolve security issues, the problem lingers on for years, as users fail to update their devices, or the patch itself fails to properly fix the issue. In 2014, Trend Micro researchers announced they found a […]
Firmware that actively tries to hide itself allows attackers to install apps as root. Almost three million Android phones, many of them used by people in the US, are vulnerable to code-execution attacks that remotely seize full control of the devices, researchers said Thursday. Until recently, the flaw could have been exploited by anyone who […]
Hardware hacker Samy Kamkar has released a new tool called PoisonTap that is capable of a plethora of malicious actions, all of which work even against password-protected computers on which an attacker can’t access the desktop. PoisonTap is a small device built on top of a Raspberry Pi Zero $5 board, which runs custom software […]
Short Bytes: Kryptowire has found a secret backdoor in budget Android smartphones. They took the BLU R1 HD for testing and concluded that device has a firmware created by Shanghai AdUps Technology Co. Ltd which is being used to send device data and identifiable user information servers in China. A security research firm Kryptowire has […]
In “mistake,” AdUps collected data from BLU Android phones in US. Security firm Kryptowire has uncovered a backdoor in the firmware installed on low-cost Android phones, including phones from BLU Products sold online through Amazon and Best Buy. The backdoor software, initially discovered on the BLU R1 HD, sent massive amounts of personal data about the […]
If you ask any malware analyst these days, they’ll tell you they come across countless of useless or unfinished malware variants on a daily basis. One of the latest, and probably the weirdest was uncovered yesterday by GData malware analyst Karsten Hahn, who came across a fake cleaner app called CainXPiiCleaner, which exhibited some odd […]
Trojan targets desktops, not servers or IoT devices. Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks. Russian antivirus vendor Dr.Web discovered this new trojan in October. The company’s malware analysts say the trojan is spread in the form of […]
Experts from the White Fir Design discovered cybe rcriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a backdoor. According to the experts from the firm White Fir Design, crooks exploited a zero-day flaw in an e-commerce plugin for WordPress to upload backdoors to affected websites. The plugin is WP Marketplace, a […]
Android Smartphones from Foxconn Manufacturer Plagued with Dangerous Security Flaw known as Pork Explosion. Android operating system has become quite vulnerable to hacking issues and Google has continuously been trying to fix the security flaws and make the system reliable enough for users around the world. However, despite all these efforts to patch up the […]
Quick and handy APK backdoor embedder with metasploit android payloads. Requirements: metasploit Installation and execution: Then you can download smap by cloning the Git repository: git clone https://github.com/suraj-root/spade.git cd spade/ ./spade.py
Spam wave dropping trapped PUB file spotted by security experts at Bitdefender. These PUB file deliver a backdoor which is capable of setting sensitive information’s from corporate information. When the victim opens the file PUB file it triggers a VBscript and downloads CAB file. PUB file –> VbScript –> AutoIt script –> Backdoor This CAB file has […]
A Dutch Computer Science student discovered the presence of a backdoor that could allow an attacker to silently install any app on Xiaomi phones. A Dutch Computer Science student, Thijs Broenink, who analyzed his Xiaomi mobile device discovered the presence of a backdoor that could allow an attacker to silently install any app on the phone. The […]
A targeted spam wave is infecting Windows computers with a backdoor capable of stealing sensitive corporate information from medium and small-sized businesses. Bitdefender antispam researchers have identified a couple of thousand emails containing .pub attachments posing as orders and invoices for products. The email senders impersonate employees from small and medium-sized businesses from the UK and […]
Short Bytes: A cross-platform malware family has been reported by a security researcher from Kaspersky Lab. The malware can create a backdoor on Windows, Linux, and Mac OS X machines to collect data which can be transmitted to Command and Control Server over an encrypted connection. Times have gone when the term malware was familiar […]
In a nutshell Backdoor.OSX.Mokes.a is the most recently discovered OS X variant of a cross-platform backdoor which is able to operate on all major operating systems (Windows,Linux,OS X). Please see also ouranalysis on the Windows and Linux variants. This malware family is able to steal various types of data from the victim’s machine (Screenshots, Audio-/Video-Captures, […]
The Linux Trojan Linux.PNScan is back and it is actively targeting routers based on x86 Linux in an attempt to install backdoors on them. Yesterday I wrote about a new Linux Trojan dubbed Linux.Rex.1, a new Linux malware that is capable of self-spreading and creating a peer-to-peer botnet, now experts from Malware Must Die discovered a new strain […]
Crooks also delivering keyloggers and password stealers. A new trojan called BackDoor.TeamViewerENT.1 is using parts of the legitimate TeamViewer application to allow crooks to spy on infected systems. The concept is not new by any means, and crooks employed TeamViewer in the past, when they packaged the legitimate app alongside their malware and used it to […]
With the popularity of PokemonGo, it was inevitable that a malware developer would create a ransomware that impersonates it. This is the case with a new Hidden-Tear ransomware discovered by Michael Gillespie that impersonates a PokemonGo application for Windows and targets Arabic victims. PokemonGo Ransomware Icon On first glance, the PokemonGo ransomware infection looks like any other generic ransomware infection. It will scan […]
Keys to BYPASS UEFI secure boot Microsoft accidentally leaked the Secret keys to BYPASS UEFI secure boot that allow hackers to unlock devices protected by UEFI (Unified Extensible Firmware Interface) Secure Boot feature. Secure Boot is a security feature that protects your device from certain types of malware, such as a rootkit, which can hijack your […]
Easy tool for generate backdoor with msfvenom ( part of metasploit framework ) and program compiles a C program with a meterpreter reverse_tcp payload In it that can then be executed on a windows host Program to create a C program after it is compiled that will bypass most AV. Automating metasploit functions Checks for […]
Short Bytes: Two researchers reported that Microsoft accidently compromised the golden keys to its UEFI Secure boot feature. The golden keys allow the developer to bypass the Window boot manager check and install a non-Microsoft OS on the machine. Microsft has released two patches to rectify the mistakes since then. It’s almost a week since […]