Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-04-29 13:54:33 |
Babuk ransomware readies 'shut down' post, plans to open source malware (direct link) |
After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal. [...] |
Ransomware
Malware
|
|
|
|
2021-04-28 12:29:58 |
New stealthy Linux malware used to backdoor systems for years (direct link) |
A recently discovered Linux malware with backdoor capabilities has flown under the radar for years, allowing attackers to harvest and exfiltrate sensitive information from compromised devices. [...] |
Malware
|
|
|
|
2021-04-28 10:38:11 |
Passwordstate hackers phish for more victims with updated malware (direct link) |
Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware. [...] |
Malware
|
|
|
|
2021-04-27 12:18:57 |
FBI shares 4 million email addresses used by Emotet with Have I Been Pwned (direct link) |
Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency's effort to clean infected computers. [...] |
Malware
|
|
|
|
2021-04-26 15:21:46 |
Apple fixes macOS zero-day bug exploited by Shlayer malware (direct link) |
Apple has fixed a zero-day vulnerability in macOS exploited in the wild by Shlayer malware to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks and download second-stage malicious payloads. [...] |
Malware
Vulnerability
|
|
|
|
2021-04-26 12:54:01 |
Microsoft Defender now blocks cryptojacking malware using Intel TDT (direct link) |
Microsoft today announced that Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus, now comes with support for blocking cryptojacking malware using Intel's silicon-based Threat Detection Technology (TDT). [...] |
Malware
Threat
|
|
|
|
2021-04-25 03:16:00 |
(Déjà vu) Emotet malware nukes itself today from all infected computers worldwide (direct link) |
Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement. [...] |
Malware
|
|
|
|
2021-04-25 03:16:00 |
Emotet malware forcibly removed today by German police update (direct link) |
Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement. [...] |
Malware
|
|
|
|
2021-04-24 10:36:12 |
New cryptomining malware builds an army of Windows, Linux bots (direct link) |
A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads. [...] |
Malware
|
|
|
|
2021-04-24 09:47:12 |
Fake Microsoft DirectX 12 site pushes crypto-stealing malware (direct link) |
Cybercriminals have created a fake Microsoft DirectX 12 download page to distribute malware that steals your cryptocurrency wallets and passwords. [...] |
Malware
|
|
|
|
2021-04-23 16:18:42 |
Passwordstate password manager hacked in supply chain attack (direct link) |
ClickStudios, the company behind the Passwordstate password manager, notified customers that attackers compromised the app's update mechanism to deliver malware in a supply-chain attack after breaching its networks. [...] |
Malware
|
|
|
|
2021-04-23 12:25:21 |
Phishing impersonates global recruitment firm to push malware (direct link) |
An ongoing phishing campaign is impersonating Michael Page consultants to push Ursnif data-stealing malware capable of harvesting credentials and sensitive data from infected computers. [...] |
Malware
|
|
|
|
2021-04-21 10:33:03 |
WhatsApp Pink malware can now auto-reply to your Signal, Telegram texts (direct link) |
WhatsApp malware dubbed WhatsApp Pink has now been updated with advanced capabilities that let this counterfeit Android app automatically respond to your Signal, Telegram, Viber, and Skype messages. WhatsApp Pink refers to a counterfeit app that appeared this week, primarily targeting WhatsApp users in the Indian subcontinent. [...] |
Malware
|
|
|
|
2021-04-20 10:37:52 |
Fake Microsoft Store, Spotify sites spread info-stealing malware (direct link) |
Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers. [...] |
Malware
|
|
|
|
2021-04-19 17:07:40 |
Google Alerts continues to be a hotbed of scams and malware (direct link) |
Google Alerts continues to be a hotbed of scams and malware that threat actors are increasingly abusing to promote malicious websites. [...] |
Malware
Threat
|
|
|
|
2021-04-16 03:41:14 |
HackBoss malware poses as hacker tools on Telegram to steal digital coins (direct link) |
The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications. [...] |
Malware
|
|
|
|
2021-04-15 14:19:20 |
Popular NFT marketplace Rarible targeted by scammers and malware (direct link) |
Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. [...] |
Malware
Threat
|
|
|
|
2021-04-13 14:17:12 |
New Linux, macOS malware hidden in fake Browserify NPM package (direct link) |
A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npm component, downloaded over 160 million times over its lifetime. [...] |
Malware
|
|
|
|
2021-04-13 11:38:23 |
QBot malware is back replacing IcedID in malspam campaigns (direct link) |
Malware distributors are rotating payloads once again, switching between trojans that are often an intermediary stage in a longer infection chain. [...] |
Malware
|
|
|
|
2021-04-10 15:20:21 |
Joker malware infects over 500,000 Huawei Android devices (direct link) |
More than 500,000 Huawei users have downloaded from the company's official Android store applications infected with Joker malware that subscribes to premium mobile services. [...] |
Malware
|
|
|
|
2021-04-10 10:40:00 |
Android malware found embedded in APKPure store application (direct link) |
Security researchers found malware embedded within the official application of APKPure, a popular third-party Android app store and an alternative to Google's official Play Store. [...] |
Malware
|
|
|
|
2021-04-09 13:55:00 |
Attackers deliver legal threats, IcedID malware via contact forms (direct link) |
Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. [...] |
Malware
Threat
|
|
|
|
2021-04-08 09:01:17 |
North Korean hackers use new Vyveva malware to attack freighters (direct link) |
The North Korean-backed Lazarus hacking group used new malware with backdoor capabilities dubbed Vyveva by ESET researchers in targeted attacks against a South African freight logistics company. [...] |
Malware
|
APT 38
APT 28
|
|
|
2021-04-07 11:36:59 |
Gigaset Android phones infected by malware via hacked update server (direct link) |
Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. [...] |
Malware
Threat
|
|
|
|
2021-04-07 06:00:00 |
Android malware infects wannabe Netflix thieves via WhatsApp (direct link) |
Newly discovered Android malware found on Google's Play Store disguised as a Netflix tool is designed to auto-spread to other devices using WhatsApp auto-replies to incoming messages. [...] |
Malware
Tool
|
|
|
|
2021-04-03 18:40:12 |
Malware attack is preventing car inspections in eight US states (direct link) |
A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. [...] |
Malware
|
|
|
|
2021-03-31 13:05:58 |
BazarCall malware uses malicious call centers to infect victims (direct link) |
For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware. [...] |
Malware
|
|
|
|
2021-03-31 12:31:49 |
Malware hidden in game cheats and mods used to target gamers (direct link) |
Threat actors target gamers with backdoored game tweaks and cheats hiding malware capable of stealing information from their systems after infection. [...] |
Malware
Threat
|
|
|
|
2021-03-31 07:55:47 |
(Déjà vu) Fake jQuery files infect WordPress sites with malware (direct link) |
Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites, which contain obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and are present at the exact locations where JavaScript files are normally present on WordPress sites, but are malicious. [...] |
Malware
|
|
|
|
2021-03-31 07:55:47 |
Fake jQuery files load obfuscated malware on WordPress sites (direct link) |
Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites, which contain obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and are present at the exact locations where JavaScript files are normally present on WordPress sites, but are malicious. [...] |
Malware
|
|
|
|
2021-03-27 01:00:00 |
New Android malware spies on you while posing as a System Update (direct link) |
New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is ready to be exfiltrated. [...] |
Malware
|
|
|
|
2021-03-24 16:17:42 |
Facebook blocks Chinese state hackers targeting Uyghur activists (direct link) |
Facebook took down accounts used by a Chinese-sponsored hacking group to deploy surveillance malware on devices used by Uyghur activists, journalists, and dissidents living outside China. [...] |
Malware
|
|
|
|
2021-03-23 16:54:30 |
Purple Fox malware worms its way into exposed Windows systems (direct link) |
Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows systems reachable over the Internet in ongoing attacks. [...] |
Malware
|
|
★★★★★
|
|
2021-03-19 09:05:00 |
Russian pleads guilty to Tesla hacking and extortion attempt (direct link) |
Russian national Egor Igorevich Kriuchkov has pleaded guilty to recruiting a Tesla employee to plant malware designed to steal data within the network of Tesla's Nevada Gigafactory. [...] |
Malware
Guideline
|
|
|
|
2021-03-18 14:20:34 |
New CopperStealer malware steals Google, Apple, Facebook accounts (direct link) |
Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple. [...] |
Malware
|
|
|
|
2021-03-18 11:58:03 |
US taxpayers targeted with RAT malware in ongoing phishing attacks (direct link) |
US taxpayers are being targeted by phishing attacks attempting to take over their computers using malware and steal sensitive personal and financial information. [...] |
Malware
|
|
|
|
2021-03-18 10:47:22 |
New XcodeSpy malware targets iOS devs in supply-chain attack (direct link) |
A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer's computer. [...] |
Malware
|
|
|
|
2021-03-16 12:53:25 |
Mimecast: SolarWinds hackers used Sunburst malware for initial intrusion (direct link) |
Email security company Mimecast has confirmed today that the state-sponsored SolarWinds hackers who breached its network earlier this year used the Sunburst backdoor during the initial intrusion. [...] |
Malware
|
Solardwinds
Solardwinds
|
|
|
2021-03-12 13:20:18 |
Microsoft Exchange exploits now used by cryptomining malware (direct link) |
The operators of Lemon_Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. [...] |
Malware
|
|
|
|
2021-03-12 11:14:54 |
New ZHtrap botnet malware deploys honeypots to find more targets (direct link) |
A new botnet is hunting down and transforming unpatched routers, DVRs, and UPnP network devices it takes over into honeypots that help it find other devices to infect. [...] |
Malware
|
|
|
|
2021-03-11 08:46:18 |
Chinese state hackers target Linux systems with new malware (direct link) |
Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. [...] |
Malware
|
|
|
|
2021-03-08 15:06:34 |
Hackers hiding Supernova malware in SolarWinds Orion linked to China (direct link) |
Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...] |
Malware
Threat
|
|
|
|
2021-03-08 08:55:30 |
Unpatched QNAP devices are being hacked to mine cryptocurrency (direct link) |
Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency. [...] |
Malware
|
|
|
|
2021-03-04 14:05:09 |
(Déjà vu) Microsoft reveals 3 new malware strains used by SolarWinds hackers (direct link) |
Microsoft has revealed information on newly found malware the SolarWinds hackers deployed on victims' networks as second-stage payloads. [...] |
Malware
|
|
|
|
2021-03-04 14:05:09 |
Microsoft reveals new malware used by the SolarWinds hackers (direct link) |
Microsoft has revealed information on newly found malware the SolarWinds hackers deployed on victims' networks as second-stage payloads. [...] |
Malware
|
|
|
|
2021-03-04 13:04:03 |
FireEye finds new malware likely linked to SolarWinds hackers (direct link) |
FireEye discovered a new "sophisticated second-stage backdoor" on the servers of an organization compromised by the threat actors behind the SolarWinds supply-chain attack. [...] |
Malware
|
|
|
|
2021-03-03 18:15:09 |
CompuCom MSP confirms ongoing outage following malware incident (direct link) |
The US managed service provider CompuCom has suffered a cyberattack leading to service outages and customers disconnecting from the MSP's network to prevent the spread of malware, BleepingComputer has learned. [...] |
Malware
Guideline
|
|
|
|
2021-03-01 13:10:49 |
Hackers use black hat SEO to push ransomware, trojans via Google (direct link) |
The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results. [...] |
Malware
|
|
|
|
2021-02-25 11:14:00 |
North Korean hackers target defense industry with custom malware (direct link) |
A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. [...] |
Malware
|
|
|
|
2021-02-22 11:47:28 |
New Silver Sparrow malware infects 30,000 Macs for unknown purpose (direct link) |
A new macOS malware known as Silver Sparrow has silently infected almost 30,000 Mac devices with malware whose purpose is a mystery. [...] |
Malware
|
|
|