Think, Talk, Hack

Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks

Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said. The activity is part of a previously documented […]

root

Beware of Highly Sophisticated DarkTortilla Malware Distributed Via Phishing Sites

Cyble Research and Intelligence Labs (CRIL) detected threat Actors (TAs) distributing the malware DarkTortilla. Since 2015, the complex .NET-based malware known as DarkTortilla has been operating.  Researchers say that numerous stealers and Remote Access Trojans (RATs) including AgentTesla, AsyncRAT, NanoCore, etc. are known to be dropped by the malware. DarkTortilla and Its Specific Actions Security researchers […]

root

A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages

A threat actor dubbed “RED-LILI” has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly 800 malicious modules. “Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks,” Israeli security company Checkmarx said. “As it seems this time, the attacker has fully-automated […]

root

Facestealer Infects 100,000+ Users Distributed Through Google Play

“Craftsart Cartoon Photo Tools,” one of the most popular mobile apps on the official Google Play store, has registered more than 100,000 downloads. However, the app is actually infected with Facestealer Android malware. The app, which pretends to be a legitimate photo editor, was deemed somewhat safe by Pradeo’s security experts. Through a variety of […]

root

SharkBot – New Generation Malware on Google Play Distributed as Android Antivirus App

While malware distributors may have a harder time getting their malicious apps through Google’s automatic scanning and flagging system, but, SharkBot shows that they can easily bypass the company’s security barriers and even human or manual verifications.  Although the app was unpopular, its presence in Google Play Store shows that nobody but the distribution platform […]

root

25 Malicious JavaScript Libraries Distributed via Official NPM Package Repository

Another batch of 25 malicious JavaScript libraries have made their way to the official NPM package registry with the goal of stealing Discord tokens and environment variables from compromised systems, more than two months after 17 similar packages were taken down. The libraries in question leveraged typosquatting techniques and masqueraded as other legitimate packages such […]

root

A New Jupyter Malware Version is Being Distributed via MSI Installers

Cybersecurity researchers have charted the evolution of Jupyter, a .NET infostealer known for singling out healthcare and education sectors, which make it exceptional at defeating most endpoint security scanning solutions. The new delivery chain, spotted by Morphisec on September 8, underscores that the malware has not just continued to remain active but also showcases “how […]

root

APT Hackers Distributed Android Trojan via Syrian e-Government Portal

An advanced persistent threat (APT) actor has been tracked in a new campaign deploying Android malware via the Syrian e-Government Web Portal, indicating an upgraded arsenal designed to compromise victims. “To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of […]

root

Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer

Cybersecurity researchers on Wednesday publicized the disruption of a “clever” malvertising network targeting AnyDesk that delivered a weaponized installer of the remote desktop software via rogue Google ads that appeared in the search engine results pages. The campaign, which is believed to have begun as early as April 21, 2021, involves a malicious file that […]

root

New Variant of HawkEye Sold on Hacking Forums and Distributed via Excel and DOC Files

Threat actors advertised a new version of the information stealer malware kit HawkEye Reborn v9 that exfiltrates various information from the infected systems. Talos observed the ongoing campaigns targeting organization leveraging HawkEye Reborn v9 to exfiltrate sensitive information and login credentials. HawkEye malware kit is active since 2013, it has roboust stealing capabilities, it exfiltrates […]

root

Android banking malware distributed with fake Google reCAPTCHA

Sucuri’s cybersecurity researchers have identified a highly sophisticated phishing campaign that is specifically targeting online banking users. The attack, for now, has been directed against a Polish bank in which attackers are exploiting Google reCAPTCHA systems as well as panic-eliciting tactics to lure victims into clicking on infected, malicious links that are already embedded in […]

root

Distributed Denial o Secrets: a new competitor for WikiLeaks

The cyberactivism has a new anonymous face According to Salvador Ruiz, network security specialist from the International Institute of Cyber Security, Distributed Denial of Secrets (DDOS) is a transparency collective whose main goal is to enable the free transmission of public interest data. DDOS aims to avoid any political, corporate or personal leanings, and simply […]

root

Activists announce massive leaking of Russian politician’s emails on Distributed Denial of Secrets

Cyberactivists have announced the release of a massive archive with leaked information from Russian oligarchs and journalists According to network security and ethical hacking specialists from the International Institute of Cyber Security, a website has announced that it will soon reveals hundreds of thousands of emails leaked from Russian oligarchs and communist supporters, in the […]

root

Scannerl – The Modular Distributed Fingerprinting Engine

Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on Debian/Ubuntu/Arch (but will probably work on other distributions as well). It […]

root

100,000 Users Infected With the Password Stealing Malicious Chrome Extension Distributed Through Facebook

A new malware campaign propagating via crafted socially-engineered links on Facebook abuses the users by installing a malicious chrome extension and performs crypto mining, click fraud, Password theft and more. Facebook Malware campaigns are not new, this new campaign Modus operandi is same as like any other previous malware campaigns. Radware’s Threat Research team revealed […]

root

Cryptocurrency Miner Distributed via PHP Weathermap Vulnerability, Targets Linux Servers

Legitimate and large-scale cryptocurrency mining operations often invest in dedicated hardware and electric consumption to make a profit. This doesn’t escape the attention of cybercriminals: Malicious cryptocurrency mining was so pervasive last year that it was the most detected network event in devices connected to home routers. Through our incident response-related monitoring, we observed intrusion attempts whose indicators we’ve been able […]

root

New Variant of Scarab Ransomware Distributed via RDP on Systems and Servers

Security researchers from Malwarebytes detected Scarab ransomware variant distributed through RDP and used AES algorithm for encryption. The Scarabey variant is written in Delphi and it is identical to Scarab version the only change is the addresses of code and memory data references. The popular version of the Scarab Ransomware distributed by a Necurs botnet […]

root