Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-10-28 06:00:00 |
Android malware droppers with 130K installs found on Google Play (direct link) |
A set of Android malware droppers were found infiltrating the Google Play store to install malicious programs by pretending to be app updates. [...] |
Malware
|
|
|
|
2022-10-27 13:10:18 |
Drinik Android malware now targets users of 18 Indian banks (direct link) |
A new version of the Drinik Android banking trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. [...] |
Malware
|
|
|
|
2022-10-25 15:02:37 |
Ukrainian charged for operating Raccoon Stealer malware service (direct link) |
26-year-old Ukrainian national Mark Sokolovsky has been charged for his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation. [...] |
Malware
|
|
|
|
2022-10-23 11:15:19 |
Thousands of GitHub repositories deliver fake PoC exploits with malware (direct link) |
Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. [...] |
Malware
|
|
|
|
2022-10-23 10:17:34 |
Typosquat campaign mimics 27 brands to push Windows, Android malware (direct link) |
A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. [...] |
Malware
|
|
|
|
2022-10-20 16:00:37 |
Ursnif malware switches from bank account theft to initial access (direct link) |
A new version of the Ursnif malware (a.k.a. Gozi) emerged as a generic backdoor, stripped of its typical banking trojan functionality. [...] |
Malware
|
|
|
|
2022-10-20 11:03:41 |
OldGremlin hackers use Linux ransomware to attack Russian orgs (direct link) |
OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. [...] |
Ransomware
Malware
|
|
|
|
2022-10-16 10:07:14 |
New PHP information-stealing malware targets Facebook accounts (direct link) |
Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts. [...] |
Malware
Threat
|
|
|
|
2022-10-11 05:30:00 |
Hacking group POLONIUM uses 'Creepy' malware against Israel (direct link) |
Security researchers reveal previously unknown malware used by the cyber espionage hacking group 'POLONIUM,' threat actors who appear to target Israeli organizations exclusively. [...] |
Malware
Threat
|
|
|
|
2022-10-10 16:24:51 |
Hackers behind IcedID malware attacks diversify delivery tactics (direct link) |
The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets. [...] |
Malware
Threat
|
|
|
|
2022-10-09 15:26:40 |
(Déjà vu) Fake Solana Phantom security updates push crypto-stealing malware (direct link) |
Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] |
Malware
Guideline
|
|
|
|
2022-10-09 15:26:40 |
Solana Phantom security update NFTs push password-stealing malware (direct link) |
Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] |
Malware
Guideline
|
|
|
|
2022-10-05 12:01:06 |
Hundreds of Microsoft SQL servers backdoored with new malware (direct link) |
Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world. [...] |
Malware
|
|
|
|
2022-10-05 07:00:00 |
New Android malware 'RatMilad' can steal your data, record audio (direct link) |
A new Android spyware named 'RatMilad' was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. [...] |
Malware
|
|
|
|
2022-10-04 19:08:56 |
(Déjà vu) Hackers stole data from US defense org using Impacket, CovalentStealer (direct link) |
The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] |
Malware
|
|
|
|
2022-10-04 19:08:56 |
US Govt: Hackers stole data from US defense org using new malware (direct link) |
The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] |
Malware
|
|
|
|
2022-10-03 13:58:56 |
Live support service hacked to spread malware in supply chain attack (direct link) |
The official installer for the Comm100 Live Chat application, a widely deployed SaaS (software-as-a-service) that businesses use for customer communication and website visitors, was trojanized as part of a new supply-chain attack. [...] |
Malware
|
|
|
|
2022-09-29 17:14:07 |
Hacking group hides backdoor malware inside Windows logo image (direct link) |
Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. [...] |
Malware
|
|
|
|
2022-09-29 09:00:18 |
New malware backdoors VMware ESXi servers to hijack virtual machines (direct link) |
Hackers have found a new method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux while avoiding detection. [...] |
Malware
|
|
|
|
2022-09-29 03:05:27 |
Upgraded Prilex Point-of-Sale malware bypasses credit card security (direct link) |
Security analysts have observed three new versions of Prilex this year, indicating that the authors and operators of the PoS-targeting malware are back to action. [...] |
Malware
|
|
|
|
2022-09-28 11:22:22 |
New Chaos malware infects Windows, Linux devices for DDoS attacks (direct link) |
A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. [...] |
Malware
|
|
|
|
2022-09-27 17:08:49 |
New NullMixer dropper infects your PC with a dozen malware families (direct link) |
A new malware dropper named 'NullMixer' is infecting Windows devices with a dozen different malware families simultaneously through fake software cracks promoted on malicious sites in Google Search results. [...] |
Malware
|
|
|
|
2022-09-27 14:55:43 |
Lazarus hackers drop macOS malware via Crypto.com job offers (direct link) |
The North Korean Lazarus hacking group is now using fake 'Crypto.com' job offers to hack developers and artists in the crypto space, likely with a long-term goal of stealing digital assets and cryptocurrency. [...] |
Malware
Hack
|
APT 38
|
|
|
2022-09-26 15:54:17 |
New Erbium password-stealing malware spreads as game cracks, cheats (direct link) |
The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. [...] |
Malware
|
|
|
|
2022-09-26 14:40:47 |
Hackers use PowerPoint files for 'mouseover' malware delivery (direct link) |
Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script. [...] |
Malware
|
|
|
|
2022-09-25 11:14:27 |
Ransomware data theft tool may show a shift in extortion tactics (direct link) |
Data exfiltration malware known as Exmatter and previously linked with the BlackMatter ransomware group is now being upgraded with data corruption functionality that may indicate a new tactic that ransomware affiliates might switch to in the future. [...] |
Ransomware
Malware
Tool
|
|
|
|
2022-09-21 13:55:49 |
Malwarebytes mistakenly blocks Google, YouTube for malware (direct link) |
Malwarebytes has addressed a false positive that was blocking users from accessing websites and services hosted on the google.com domain, including Google search and YouTube. [...] |
Malware
|
|
|
|
2022-09-20 18:12:15 |
2K Games says hacked help desk targeted players with malware (direct link) |
American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links. [...] |
Malware
|
|
|
|
2022-09-20 12:13:10 |
(Déjà vu) 2K game support hacked to email RedLine info-stealing malware (direct link) |
Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] |
Malware
|
|
|
|
2022-09-20 12:13:10 |
Game dev 2K's support site hacked to push malware via fake tickets (direct link) |
Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] |
Malware
|
|
|
|
2022-09-19 14:50:01 |
Russian Sandworm hackers pose as Ukrainian telcos to drop malware (direct link) |
The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware. [...] |
Malware
|
|
|
|
2022-09-19 12:07:36 |
VMware, Microsoft warn of widespread Chromeloader malware attacks (direct link) |
The operators of the Chromeloader adware are evolving their attack methods and gradually transforming the low-risk tool into a dangerous malware loader, seen dropping ransomware in some cases. [...] |
Ransomware
Malware
Tool
|
|
|
|
2022-09-17 11:17:23 |
Emotet botnet now pushes Quantum and BlackCat ransomware (direct link) |
While monitoring the Emotet botnet's current activity, security researchers found that the malware is now being used by the Quantum and BlackCat ransomware gang to deploy their payloads. [...] |
Ransomware
Malware
|
|
|
|
2022-09-15 13:35:15 |
New malware bundle self-spreads through YouTube gaming videos (direct link) |
A new malware bundle uses victims' YouTube channels to upload malicious video tutorials advertising fake cheats and cracks for popular video games to spread the malicious package further. [...] |
Malware
|
|
|
|
2022-09-15 10:38:02 |
Russian hackers use new info stealer malware against Ukrainian orgs (direct link) |
Russian hackers have been targeting Ukrainian entities with previously unseen info-stealing malware during a new espionage campaign that is still active. [...] |
Malware
|
|
|
|
2022-09-15 06:00:00 |
Webworm hackers modify old malware in new attacks to evade attribution (direct link) |
Chinese cyberespionage hackers of the 'Webworm' group are undergoing experimentation, using modified decade-old RATs (remote access trojans) in the wild. [...] |
Malware
|
|
|
|
2022-09-14 08:07:28 |
Chinese hackers create Linux version of the SideWalk Windows malware (direct link) |
State-backed Chinese hackers have developed a Linux variant for the SideWalk backdoor used against Windows systems belonging to targets in the academic sector. [...] |
Malware
|
|
|
|
2022-09-13 11:21:48 |
Hackers breach software vendor for Magento supply-chain attacks (direct link) |
Hackers have injected malware in multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads. [...] |
Malware
|
|
|
|
2022-09-13 06:00:00 |
Cyberspies drop new infostealer malware on govt networks in Asia (direct link) |
Security researchers have identified new cyber-espionage activity focusing on government entities in Asia, as well as state-owned aerospace and defense firms, telecom companies, and IT organizations. [...] |
Malware
|
|
|
|
2022-09-09 10:00:00 |
Lampion malware returns in phishing attacks abusing WeTransfer (direct link) |
The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [...] |
Malware
Threat
|
|
|
|
2022-09-08 16:51:52 |
Bumblebee malware adds post-exploitation tool for stealthy infections (direct link) |
A new version of the Bumblebee malware loader has been spotted in the wild, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into memory. [...] |
Malware
Tool
|
|
|
|
2022-09-07 10:18:39 |
New Iranian hacking group APT42 deploys custom Android spyware (direct link) |
A new Iranian state-sponsored hacking group known as APT42 has been discovered using a custom Android malware to spy on targets of interest. [...] |
Malware
|
APT 42
|
|
|
2022-09-06 16:40:11 |
Moobot botnet is coming for your unpatched D-Link router (direct link) |
The Mirai malware botnet variant known as 'MooBot' has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits. [...] |
Malware
|
|
|
|
2022-09-06 15:53:09 |
Minecraft is hackers' favorite game title for hiding malware (direct link) |
Security researchers have discovered that Minecraft is the most heavily abused game title by cybercriminals, who use it to lure unsuspecting players into installing malware. [...] |
Malware
|
|
|
|
2022-09-06 11:34:48 |
New Linux malware evades detection using multi-stage deployment (direct link) |
A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads. [...] |
Malware
|
|
|
|
2022-09-04 10:07:14 |
SharkBot malware sneaks back on Google Play to steal your logins (direct link) |
A new and upgraded version of the SharkBot malware has returned to Google's Play Store, targeting banking logins of Android users through apps that have tens of thousands of installations. [...] |
Malware
|
|
|
|
2022-09-03 10:12:14 |
Malware dev open-sources CodeRAT after being exposed (direct link) |
The source code of a remote access trojan (RAT) dubbed 'CodeRAT' has been leaked on GitHub after malware analysts confronted the developer about attacks that used the tool. [...] |
Malware
|
|
|
|
2022-09-02 14:47:17 |
Dev backdoors own malware to steal data from other hackers (direct link) |
Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service. [...] |
Malware
|
|
|
|
2022-08-30 18:08:01 |
Hackers hide malware in James Webb telescope images (direct link) |
Threat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware. [...] |
Malware
Threat
|
|
|
|
2022-08-30 13:26:40 |
Chinese hackers target Australian govt with ScanBox malware (direct link) |
China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet. [...] |
Malware
Threat
|
|
|