The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET. The attacks also involved the use of an updated version of a known OilRig […]
A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. “The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim’s account by performing web injections into […]
ESET researchers have discovered a new downloader with a novel, not previously seen in the wild installation technique
Adobe released security updates that cover 82 vulnerabilities in various products, out of 82 vulnerabilities 45 are rated critical and the rest of the vulnerabilities rated as important and moderate. The security fix covers multiple Adobe products that include Adobe Acrobat and Reader, Adobe Experience Manager & Forms, and Adobe Download Manager. Adobe Acrobat and […]
APT32 malware has been covered here in Hackercombat recently, and we are set to update you of the latest findings from Palo Alto Networks. KerrDown, the newly developed special downloader that APT32 malware package use in order to propagate itself faster than ever before. Asia-Pacific region is the main target of the KerrDown-based APT32, also […]
Piratebay users are now being victimized by malware and phishing attack that hijacking the websites and steal the cryptocurrencies. A researcher who was trying to download a torrent from Piratebay, a torrent file drops .LNK shortcut file contained a CozyBear malware along with dangerous PowerShell commands. Piratebay is one of the worlds leading torrents site with […]
Google continues its quest to keep Android users safe by actively banning apps they think will harm its users. This time around, a batch of 22 apps was deleted by the search giant from the Google Play Store. Unfortunately, the aggregate download of the apps reached more than two million downloads prior to the takedown. […]
The downloader malware dubbed Android.DownLoader.819.origin malware found on Google play downloaded by more than 51,100 Android users. The downloader malware is capable of installing other malicious applications on the affected devices and launches them. Doctor Web security researchers found 14 copies of the malicious application distributed by Quoac developer disguised as games. The Android.DownLoader.819.origin is […]
SNMP brute force, enumeration, CISCO config downloader and password cracking script. Listens for any responses to the brute force community strings, effectively minimising wait time. Requirements metasploit snmpwalk snmpstat john the ripper Usage python snmp-brute.py -t [IP] Options–help, -h show this help message and exit–file=DICTIONARY, -f DICTIONARY Dictionary file–target=IP, -t IP Host IP–port=PORT, -p PORT […]
Although Youtube allows some of its videos to be saved offline, using any third-party services to download YouTube videos is against their terms. Youtube Terms Of Service explicitly mentions that you should not download any content unless a download button or link is shown by YouTube on the Service for that content. So, if you desire […]
The fastest and easiest way to download videos from youtube, twitter, facebook, dailymotion, soundcloud and many other sites. Thousands of websites have been submitted on 9xbuddy and supports almost every website on the internet. Instructions 1. First go to the website – 9xbuddy.com 2. Then open the website from where you want to download videos […]
You can get the sample from theZoo SHA-256: 1b893ca3b782679b1e5d1afecb75be7bcc145b5da21a30f6c18dbddc9c6de4e7 We can use behavior analysis from hybrid-analysis. Seems like there is no known protection mechanism. In the strings, there is nothing important other than this base64 encoded string: …and imports is not eloquent but there is our friend GetProcAddress: Let’s open in IDA: sub_403760 is used to get necessary Win API functions: […]
Short Bytes: BitPort is a service that allows you to download and stream torrents online. You can download torrents on BitPort’s cloud storage and view them whenever you like. It also includes features like file manager, FTP server access, etc. Video or movie torrents can also be streamed to various devices including Android, iOS, Chromecast, […]
An Iranian espionage group has been using an unsophisticated strain of malware, dubbed MacDownloader, to steal credentials and other data from Mac users. A cyber espionage group linked to the Iranian Government has been using an unsophisticated strain of malware, dubbed MacDownloader, to steal credentials and other data from Mac computers. The researchers Claudio Guarnieri and […]
We recently observed Hancitor attacks against some of our FireEye Exploit Guard customers. The malicious document used to deliver the Hancitor executable was observed being distributed as an attachment in email spam. Once downloaded and executed, it drops an intermediate payload that further downloads a Pony DLL and Vawtrak executable, which perform data theft and […]
Researchers said a new variant of the Hancitor downloader has shifted tactics and adopted new dropper strategies and obfuscation techniques on infected PCs. Researchers at Palo Alto Networks are currently tracking the biggest push of the Hancitor family of malware since June that it says has shifted away from H1N1 downloader and now distributes the Pony and Vawtrak executables. […]
A new wave of Locky malware emails have been making the rounds since yesterday — July 20, 2016 — with a critical new development, whereby the Windows executable is now embedded in JavaScript. Essentially, the attached JavaScript file has evolved from being a downloader component into becoming the actual ransomware. These JavaScript variants were detected […]
If you have recently received an unexpected email with a ZIP file attached, it could be a threat attempting to steal your banking login credentials. Its name is Waski and is detected by ESET as Win32/TrojanDownloader.Waski.
ESET LiveGrid® telemetry has indicated several new infection vectors used by Android/Simplocker. The “typical” ones revolve around internet porn, or popular games like Grand Theft Auto: San Andreas.
Malware infecting 25,000 computers, mostly in the United States, pumping out 80 million spam messages per hour? ESET researchers sinkhole to investigate Win32/TrojanDownloader.Zortob.B
Are you tired of transferring your favorite music files from your phone to your laptop or from laptop to your phone? then here is an easy solution, Use Easy mp3 Downloader app is a solution to avoid the annoying file transferring process. This app provides you freedom to play, download and search music files directly […]