Search Results for “Malware” – Page 8

Malware

Aug 15, 2023

Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report

The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus the previous quarter. This includes public transit, utilities, schools, and other government services we rely on daily. With limited resources and often immature cyber defense programs, these publicly funded organizations are struggling against the double-pronged […]

root

Malware

Aug 14, 2023

New Financial Malware ‘JanelaRAT’ Targets Latin American Users

Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that’s capable of capturing sensitive information from compromised Microsoft Windows systems. “JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions,” Zscaler ThreatLabz researchers Gaetano Pellegrino and Sudeep Singh said, adding it “abuses DLL side-loading techniques from legitimate […]

root

Malware

Aug 11, 2023

New SystemBC Malware Variant Targets Southern African Power Company

An unknown threat actor has been linked to a cyber attack on a power generation company in southern Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. “The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a south African nation’s critical infrastructure,” Kurt Baumgartner, […]

root

Malware

Aug 10, 2023

New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks

Malicious actors are using a legitimate Rust-based injector called Freeze[.]rs to deploy a commodity malware called XWorm in victim environments. The novel attack chain, detected by Fortinet FortiGuard Labs on July 13, 2023, is initiated via a phishing email containing a booby-trapped PDF file. It has also been used to introduce Remcos RAT by means […]

root

Ransomware

Aug 10, 2023

TargetCompany Ransomware Deploy Fully Undetectable Malware on SQL Server

The TargetCompany ransomware (aka Mallox, Fargo, and Tohnichi) is actively targeting the organizations that are using or running vulnerable SQL servers. Apart from this, recently, the TargetCompany ransomware unveiled a new variant of malware along with several malicious tools for persistence and covert operations that are gaining traction rapidly. Cybersecurity researchers at Trend Micro discovered […]

root

Malware

Aug 08, 2023

QakBot Malware Operators Expand C2 Network with 15 New Servers

The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware’s infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed that 25% of its C2 servers are […]

root

Malware

Aug 07, 2023

New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs

A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information. Bot mitigation company Kasada said the activity is designed to “exploit trusted criminal networks,” describing it as an instance of advanced […]

root

Malware

Aug 07, 2023

New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers

Vulnerable Redis services have been targeted by a “new, improved, dangerous” variant of a malware called SkidMap that’s engineered to target a wide range of Linux distributions. “The malicious nature of this malware is to adapt to the system on which it is executed,” Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last […]

root

Malware

Aug 05, 2023

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. “Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems,” the AhnLab Security Emergency Response Center (ASEC) said in a […]

root

Malware

Aug 01, 2023

Weaponized Excel, OneNote, or PDF Attachments Deliver New WikiLoader Malware

The Italian organizations, including tax agencies, were targeted by a new malware downloader delivering banking Trojan. The new loader malware is presently undergoing active development, employing a diverse array of sophisticated mechanisms to evade detection effectively. This new loader malware was identified by Proofpoint researchers, and they dubbed it “WikiLoader.” This malware was linked to […]

root

Malware

Jul 31, 2023

New Android Malware Uses Optical Character Recognition to Steal Login Credentials

A new Android malware strain uses OCR (Optical Character Recognition) techniques to extract sensitive data from pictures. This new Android malware strain is dubbed “CherryBlos,” and along with this malware strain, another malware was also discovered that is dubbed “FakeTrade.” Cybersecurity researchers at Trend Micro discovered the new malware strains with shared network infrastructure and […]

root

Malware

Jul 29, 2023

New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data

A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal cryptocurrency wallet-related credentials and act as a clipper to substitute wallet […]

root

Malware

Jul 28, 2023

IcedID Malware Adapts and Expands Threat with Updated BackConnect Module

The threat actors linked to the malware loader known as IcedID have made updates to the BackConnect (BC) module that’s used for post-compromise activity on hacked systems, new findings from Team Cymru reveal. IcedID, also called BokBot, is a strain of malware similar to Emotet and QakBot that started off as a banking trojan in […]

root

Malware

Jul 27, 2023

PDF Malware Distribution Has Increased by 500%, as Reported by VirusTotal

A new edition of the “VirusTotal Malware Trends Report” series, which focuses mostly on “Emerging Formats and Delivery Techniques,” has been published by VirusTotal to understand the nature of malicious attacks better. A representative subset of user submissions from January 2021 through the end of June 2023 was utilized for creating all the data in […]

root

Malware

Jul 27, 2023

Rust Infostealer Malware Attacks macOS Sonoma Ahead of Public Release

Based on recent reports, it was discovered that there has been info stealer malware that affects both Windows and macOS platforms. The malware can steal crypto wallets, passwords, and browser data. This new variant of malware is found to be written in Rust programming language, which was named “realst.” The analysis stated that this malware […]

root

Malware

Jul 25, 2023

Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique

The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code on compromised assets. “They are still […]

root

Malware

Jul 21, 2023

HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software

A new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office. “HotRat malware equips attackers with a wide array of capabilities, such as stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, installing more malware, […]

root

Malware

Jul 21, 2023

Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities

A new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts. “BundleBot is abusing the dotnet bundle (single-file), self-contained format that results in very low or no static detection at all,” Check Point said […]

root

Malware

Jul 17, 2023

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. “LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015,” Fortinet FortiGuard Labs researcher Cara Lin said. “It primarily targets Windows systems and aims to gather sensitive […]

root

Malware

Jul 13, 2023

This free UEFI malware code can hack Windows machine forever, even if hard disk is removed

The Blacklotus bootkit was developed expressly for Windows, and it first appeared on hacker forums in October of the previous year. It was described as having APT-level capabilities, including the ability to circumvent secure boot and user access control (UAC), as well as the capacity to deactivate security software and defensive mechanisms on victim computers. […]

root

Malware

Jul 13, 2023

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023, leverages phishing lures and decoy documents to deploy a […]

root