Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-11-11 16:34:07 |
Windows 10 App Installer abused in BazarLoader malware attacks (direct link) |
The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems of targets who fall victim to a highly targeted spam campaign. [...] |
Spam
Malware
|
|
|
|
2021-11-11 15:41:09 |
BotenaGo botnet targets millions of IoT devices with 33 exploits (direct link) |
A new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. [...] |
Malware
|
|
|
|
2021-11-11 02:45:34 |
Careful: 'Smart TV remote' Android app on Google Play is malware (direct link) |
Two Android apps sitting on the Google Play store have been found to contain malware this week. These apps are called 'Smart TV remote' and 'Halloween Coloring'. [...] |
Malware
|
|
|
|
2021-11-10 08:56:28 |
New Android malware targets Netflix, Instagram, and Twitter users (direct link) |
A new Android malware known as MasterFred uses fake login overlays to steal the credit card information of Netflix, Instagram, and Twitter users. [...] |
Malware
|
|
|
|
2021-11-09 12:33:16 |
Iranian state hackers use upgraded malware in attacks on ISPs, telcos (direct link) |
The Iranian state-supported APT known as 'Lyceum' (Hexane, Spilrin) targeted ISPs and telecommunication service providers in the Middle East and Africa between July and October 2021. [...] |
Malware
|
|
|
|
2021-11-03 12:29:07 |
Stealthier version of Mekotio banking trojan spotted in the wild (direct link) |
A new version of a banking trojan known as Mekotio is being deployed in the wild, with malware analysts reporting that it's using a new, stealthier infection flow. [...] |
Malware
|
|
|
|
2021-10-29 12:20:10 |
Snake malware biting hard on 50 apps for only $25 (direct link) |
Cybercriminals are flooding to use the Snake password-stealing trojan, making it one of the popular malware families used in attacks. [...] |
Malware
|
|
|
|
2021-10-29 12:08:44 |
Hive ransomware now encrypts Linux and FreeBSD systems (direct link) |
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] |
Ransomware
Malware
|
|
|
|
2021-10-28 21:17:36 |
TrickBot malware dev extradited to U.S. faces 60 years in prison (direct link) |
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. [...] |
Malware
|
|
|
|
2021-10-28 09:15:44 |
New AbstractEmu malware roots Android devices, evades detection (direct link) |
New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks. [...] |
Malware
|
|
|
|
2021-10-26 15:45:30 |
Spammers use Squirrelwaffle malware to drop Cobalt Strike (direct link) |
A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. [...] |
Malware
Threat
|
|
|
|
2021-10-22 11:14:08 |
Microsoft: WizardUpdate Mac malware adds new evasion tactics (direct link) |
Microsoft says it found new variants of macOS malware known as WizardUpdate (also tracked as UpdateAgent or Vigram), updated to use new evasion and persistence tactics. [...] |
Malware
|
|
|
|
2021-10-21 17:10:53 |
Massive campaign uses YouTube to push password-stealing malware (direct link) |
Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers. [...] |
Malware
|
|
|
|
2021-10-21 10:22:50 |
RAT malware spreading in Korea through webhards and torrents (direct link) |
An ongoing malware distribution campaign targeting South Korea is disguising RATs (remote access trojans) as an adult game shared via webhards and torrents. [...] |
Malware
|
|
|
|
2021-10-20 11:49:39 |
Google: YouTubers' accounts hijacked with cookie-stealing malware (direct link) |
Google says YouTube creators have been targeted with password-stealing malware in phishing attacks coordinated by financially motivated threat actors since at least late 2019. [...] |
Malware
|
Uber
|
|
|
2021-10-18 13:28:10 |
State-backed hackers breach telcos with custom malware (direct link) |
A previously unknown state-sponsored actor is deploying a novel toolset in attacks targeting telecommunication providers and IT firms in South Asia. [...] |
Malware
|
|
|
|
2021-10-12 04:13:49 |
Photo editor Android app STILL sitting on Google Play store is malware (direct link) |
An Android app sitting on the Google Play store touts itself to be a photo editor app. But, it contains code that steals the user's Facebook credentials to potentially run ad campaigns on the user's behalf, with their payment information. The app has scored over 5K installs, with similar spyware apps having 500K+ installs. [...] |
Malware
|
|
|
|
2021-10-11 10:44:41 |
Huawei Cloud targeted by updated cryptomining malware (direct link) |
A new version of a 2020 crypto-mining malware that was previously targeting Docker containers has now been spotted focusing on new cloud service providers like the Huawei Cloud. [...] |
Malware
|
|
|
|
2021-10-10 13:16:30 |
FontOnLake malware infects Linux systems via trojanized utilities (direct link) |
A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. Dubbed FontOnLake, the threat delivers backdoor and rootkit components. [...] |
Malware
Threat
|
|
|
|
2021-10-07 13:53:05 |
FIN12 hits healthcare with quick and focused ransomware attacks (direct link) |
While most ransomware actors spend time on the victim network looking for important data to steal, one group favors quick malware deployment against sensitive, high-value targets. [...] |
Ransomware
Malware
|
|
|
|
2021-10-06 15:42:54 |
Hackers use stealthy ShellClient malware on aerospace, telco firms (direct link) |
Threat researchers investigating malware used to target companies in the aerospace and telecommunications sectors discovered a new threat actor that has been running cyber espionage campaigns since at least 2018. [...] |
Malware
Threat
|
|
|
|
2021-10-01 09:19:20 |
Flubot Android malware now spreads via fake security updates (direct link) |
The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates warning them of Flubot infections. [...] |
Malware
|
|
|
|
2021-10-01 08:18:18 |
Hydra malware targets customers of Germany's second largest bank (direct link) |
The Hydra banking trojan is back to targeting European e-banking platform users, and more specifically, customers of Commerzbank, Germany's second-largest financial institution. [...] |
Malware
|
|
|
|
2021-09-29 10:45:18 |
New Android malware steals millions after infecting 10M phones (direct link) |
A large-scale malware campaign has infected more than 10 million Android devices from over 70 countries and likely stole hundreds of millions from its victims by subscribing to paid services without their knowledge. [...] |
Malware
|
|
|
|
2021-09-28 13:46:26 |
FinFisher malware hijacks Windows Boot Manager with UEFI bootkit (direct link) |
Commercially developed FinFisher malware now can infect Windows devices using a UEFI bootkit that it injects in the Windows Boot Manager. [...] |
Malware
|
|
|
|
2021-09-27 16:03:47 |
(Déjà vu) Microsoft: Nobelium uses custom malware to backdoor Windows domains (direct link) |
Microsoft has discovered new malware used by the Nobelium hacking group to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers. [...] |
Malware
|
|
|
|
2021-09-27 16:03:47 |
Microsoft: Nobelium hackers backdoor AD FS servers for data theft (direct link) |
Microsoft has discovered new malware used by the Nobelium hacking group to deploy additional payloads and harvest and exfiltrate sensitive info from Active Directory Federation Services (AD FS) servers. [...] |
Malware
|
|
|
|
2021-09-27 11:22:58 |
New malware steals Steam, Epic Games Store, and EA Origin accounts (direct link) |
A new malware sold on dark web forums is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, and EA Origin. [...] |
Malware
Threat
|
|
|
|
2021-09-23 12:24:41 |
Malware devs trick Windows validation with malformed certs (direct link) |
Google researchers spotted malware developers creating malformed code signatures seen as valid in Windows to bypass security software. [...] |
Malware
|
|
|
|
2021-09-21 11:54:56 |
Russian state hackers use new TinyTurla malware as secondary backdoor (direct link) |
Russian state-sponsored hackers known as the Turla APT group have been using new malware over the past year that acted as a secondary persistence method on compromised systems in the U.S., Germany, and Afghanistan. [...] |
Malware
|
|
★★★★
|
|
2021-09-16 13:33:25 |
New malware uses Windows Subsystem for Linux for stealthy attacks (direct link) |
Security researchers have discovered malicious Linux binaries created for the Windows Subsystem for Linux (WSL), indicating that hackers are trying out new methods to compromise Windows machines. [...] |
Malware
|
|
|
|
2021-09-08 18:10:59 |
Ukrainian extradited for selling 2,000 stolen logins per week (direct link) |
The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. [...] |
Malware
|
|
|
|
2021-09-06 11:24:22 |
TrickBot gang developer arrested when trying to leave Korea (direct link) |
An alleged Russian developer for the notorious TrickBot malware gang was arrested in South Korea after attempting to leave the country. [...] |
Malware
|
|
|
|
2021-09-04 12:35:55 |
Watch out for new malware campaign's 'Windows 11 Alpha' attachment (direct link) |
Relying on a simple recipe that has proved successful time and time again, threat actors have deployed a malware campaign recently that used a Windows 11 theme to lure recipients into activating malicious code placed inside Microsoft Word documents. [...] |
Malware
Threat
|
|
|
|
2021-08-31 11:12:09 |
Cybercriminal sells tool to hide malware in AMD, NVIDIA GPUs (direct link) |
Cybercriminals are making strides towards attacks with malware that executes code from the graphics processing unit (GPU) of a compromised system. [...] |
Malware
Tool
|
|
|
|
2021-08-27 09:30:54 |
(Déjà vu) Fake DMCA and DDoS complaints lead to BazaLoader malware (direct link) |
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks. [...] |
Malware
|
|
|
|
2021-08-27 09:30:54 |
Fake DMCA complaints, DDoS threats lead to BazaLoader malware (direct link) |
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks. [...] |
Malware
|
|
|
|
2021-08-25 09:00:00 |
FIN8 cybercrime gang backdoors US orgs with new Sardonic malware (direct link) |
A financially motivated cybercrime gang has breached and backdoored the network of a US financial organization with a new malware dubbed Sardonic by the Bitdefender researchers who first spotted it. [...] |
Malware
|
|
|
|
2021-08-24 13:12:34 |
Malicious WhatsApp mod infects Android devices with malware (direct link) |
A malicious version of the FMWhatsapp WhatsApp mod delivers a Triada trojan payload, a nasty surprise that infects their devices with additional malware, including the very hard-to-remove xHelper trojan. [...] |
Malware
|
|
|
|
2021-08-23 17:17:23 |
Phishing campaign uses UPS.com XSS vuln to distribute malware (direct link) |
A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. [...] |
Malware
Vulnerability
|
|
|
|
2021-08-17 11:00:22 |
Malware campaign uses clever 'captcha' to bypass browser warning (direct link) |
A malware campaign uses a clever captcha prompt to trick users into bypassing browser warnings to download the Ursnif (aka Gozi) banking trojan. [...] |
Malware
|
|
|
|
2021-08-16 15:38:27 |
Malware dev infects own PC and data ends up on intel platform (direct link) |
A malware developer unleashed their creation on their system to try out new features and the data ended up on a cybercrime intelligence platform, exposing a glimpse of the cybercriminal endeavor. [...] |
Malware
|
|
|
|
2021-08-16 09:06:46 |
Hackers behind Iranian wiper attacks linked to Syrian breaches (direct link) |
Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra who previously deployed wiper malware on the networks of multiple Syrian organizations. [...] |
Malware
Threat
|
|
|
|
2021-08-11 09:00:00 |
New AdLoad malware variant slips through Apple's XProtect defenses (direct link) |
A new AdLoad malware variant is slipping through Apple's YARA signature-based XProtect built-in antivirus tech to infect Macs. [...] |
Malware
|
|
|
|
2021-08-09 17:43:03 |
FlyTrap malware hijacks thousands of Facebook accounts (direct link) |
A new Android threat that researchers call FlyTrap has been hijacking Facebook accounts of users in more than 140 countries by stealing session cookies. [...] |
Malware
Threat
|
|
|
|
2021-08-09 09:12:17 |
Synology warns of malware infecting NAS devices with ransomware (direct link) |
Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks. [...] |
Ransomware
Malware
|
|
|
|
2021-08-05 09:57:04 |
(Déjà vu) Prometheus TDS: The $250 service behind recent malware attacks (direct link) |
Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks. [...] |
Ransomware
Malware
Guideline
|
|
|
|
2021-08-05 09:57:04 |
Prometheus: The $250 service behind recent malware attacks (direct link) |
Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks. [...] |
Ransomware
Malware
Guideline
|
|
|
|
2021-07-29 12:46:55 |
New destructive Meteor wiper malware used in Iranian railway attack (direct link) |
A new file wiping malware called Meteor was discovered used in the recent attacks against Iran's railway system. [...] |
Malware
|
|
|
|
2021-07-28 11:15:13 |
Google Play Protect fails Android security tests once more (direct link) |
Google Play Protect, the Android built-in malware defense system, has failed the real-world tests of antivirus testing lab AV-TEST after detecting just over two thirds out of more than 20,000 malicious apps it was pitted against. [...] |
Malware
|
|
|