Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail

A “multi-faceted campaign” has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro. “The presence of multiple malware variants suggests a broad cross-platform […]

Binance’s 4.3 Billion-Dollar Blunder: How cyber criminals launder money via Binance?

Cyber criminals have utilized cryptocurrency exchanges like Binance for money laundering due to the pseudonymous nature of digital currencies. Here’s a general overview of how they might do this: Obtaining Cryptocurrency through Illicit Means: Cyber criminals may acquire cryptocurrencies like Bitcoin through illegal activities such as hacking, ransomware attacks, online scams, or dark web transactions. […]

New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs

A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information. Bot mitigation company Kasada said the activity is designed to “exploit trusted criminal networks,” describing it as an instance of advanced […]

How cyber criminals are hacking into AWS Fargate, EKS & evading cloudtrail logs detection

Sysdig, a company that specializes in cybersecurity intelligence, uncovered a sophisticated hacking operation known as Scarleteel in February. Since then, Scarleteel has refined both its infection and exfiltration techniques and moved into phase two. Recent operations by Scarleteel have targeted settings such as AWS Fargate and Kubernetes, which indicates a clear shift from just crypto […]

Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware

A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of multiple campaigns designed to steal sensitive information from compromised hosts. “These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or remote access tools, and the 911 method making use of YouTube videos and SEO-poised […]

Gang of 31 cyber criminals arrested for stealing cars via hacking software

In a coordinated operation on October 10 throughout the three nations, 31 people were detained. A total of 22 addresses were raided, and illicit assets worth over EUR 1 098 500 were recovered. The French authorities, working with their Spanish and Latvian counterparts, busted a car theft ring that utilized counterfeit software to steal automobiles […]

Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware

A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). “This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past,” Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up. Sold on […]

Australian Hacker Charged with Creating, Selling Spyware to Cyber Criminals

A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by domestic violence perpetrators and child sex offenders. Jacob Wayne John Keen, who currently resides at Frankston, Melbourne, is said to have created the remote access trojan (RAT) when he was 15, while also administering […]

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a “durable persistence mechanism.” That’s according to a new warning from the Microsoft 365 Defender Research Team, which said that “IIS backdoors are also harder to detect since they mostly reside in the same directories as legitimate […]

Microsoft makes things easier for cyber criminals by enabling again macros by default in Office products

Microsoft has surprised key parts of the security community with its decision to quietly reverse course and allow untrusted macros to open by default in Word and other Office applications. In February, the software developer announced significant changes it said were introduced to combat the growing scourge of ransomware and other malware attacks. From now on, […]

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

Credential abuse is something that happens only to CEOs or very rich people or employees of Fortune 500 companies, right? Nope. It’s everywhere, and your compromised passwords and usernames are enabling all kinds of cyber criminals to perform all kinds of account takeover (ATO) attacks. 24,649,096,027 account usernames and passwords have been leaked by cyber-threat […]

How the misspelling of one word saved a man his $6 million from cyber criminals

A businessman nearly lost $6 million to hackers, but one word saved his fortune from falling into the accounts of hackers and disappearing forever. The victim was in the final stages of a multi-million dollar property deal when cybercriminals managed to hijack the email address of the other party involved in the deal. They then changed […]

Researchers Detail PureCrypter Loader Cyber Criminals Using to Distribute Malware

Cybersecurity researchers have detailed the workings of a fully-featured malware loader dubbed PureCrypter that’s being purchased by cyber criminals to deliver remote access trojans (RATs) and information stealers. “The loader is a .NET executable obfuscated with SmartAssembly and makes use of compression, encryption, and obfuscation to evade antivirus software products,” Zscaler’s Romain Dumont said in […]

Microsoft makes things harder for cyber criminals by disabling macros by default in Office products

Microsoft has developed multiple protection mechanisms against some popular hacking variants, including the malicious use of macros. Sometimes, threat actors send Office files in which affected users must enable macros to complete the attack, triggering malware download, information theft, and even remote access. Despite protection mechanisms (such as the bar indicating the disabling of macros), […]

New way to steal NFT via Discord used by cyber criminals

At the end of 2021, the Non-Fungible Token (NFT) projects Monkey Kingdom and Fractal were targeted by the same hacking variant, in which electronic fraud was made possible by the abuse of Discord servers associated with these projects. According to the report published by The Verge, in the official channels of these projects suddenly appeared […]

Cyber criminals who helped people cheat and pass Cisco certifications, CompTIA certifications, EC-Council certifications arrested. New modus operandi discovered

Authorities in India arrested three individuals accused of participating in a fraudulent operation in order to cheat on the presentation of an exam to obtain certifications from Cisco, EC-Council and CompTIA. Those arrested include an engineer who used to work for Delhi. According to the report, online certifications are being offered by a large number […]