Items tagged with Malware

If you are a threat actor and want to mine cryptocurrency or steal some juicy information, a gamer’s PC is a good target for that sort of thing, given the hardware and software they use. Even better yet is the PC of a game cheater because they are used to downloading sketchy software in the first place, so the barrier... Read more...
StopCrypt ransomware is one of the most prolific yet underreported ransomware families due to its usual target of individuals rather than high-profile businesses or larger entities. We may not see this strain of ransomware in the United States as much, but it is still a threat regardless, and an evolving one at that... Read more...
This week, researchers have reported that earlier this year, threat actors leveraged a vulnerability in Windows to deploy DarkGate malware after phishing the victim for initial access. The vulnerability tracked as CVE-2024-21412 led to users running fake Microsoft software installer (.MSI) packages that looked like... Read more...
We've seen malware that wants to steal your files, money, or even your identity, but the new "Gold Pickaxe" mobile malware goes a step further. This nasty little piece of software is active on both Android and iOS, and it steals the victim's face. Security researchers warn the malware could be used to create deepfake... Read more...
Right from the start, Android has allowed you to install any software you come across on the internet, provided you aren't deterred by the prominent and increasingly scary warnings. Google is testing a new tactic to prevent the spread of mobile malware, but it's somewhat more draconian than its past efforts. The new... Read more...
Most of the time, preinstalled software on a PC can range from annoying to innocuous, with the occasional trip into "hey, this isn't so bad" territory. But sometimes, a PC can get imaged with something really nasty, causing buyers heartache well outside the norm. Such is the case with at least some AceMagic mini PCs... Read more...
Your personal data and information are hot commodities, so much so that virtually all businesses or other entities with access are scrambling to monitor and sell it if possible. Threat actors know this as well, which could lead to blackmail, extortion, bank account access, or more sinister things if your personal data is breached. Read more...
USB malware drops have been around forever, and as always, we do not recommend you randomly plug in a flash drive you find out in the wild. However, this initial access method is still working for threat actors, which is what researchers found tracking threat actor group UNC4990. Beyond the initial access, though... Read more...
Security researchers first spotted the Chameleon Android malware this past spring. This pervasive banking trojan has now evolved to become something much more dangerous. Through a series of fake system dialogs, the malware attempts to use the Android system Accessibility service, which effectively gives Chameleon the... Read more...
A malware campaign originally targeting Microsoft Windows that began in July of this year is now taking aim at Apple’s macOS. Cybersecurity Researcher Ankit Anubhav shared on the Infosec Exchange instance on Mastodon that it got an update that will now push a DMG file payload when it detects an Apple user browsing... Read more...
As it turns out, hotels, and by extension, the hospitality industry, are not the most secure organizations around despite handling personal information and credit card details. This is evident in the recent MGM Hotel breach or even further back with the 2022 social engineering of Marriott. Now, an infostealer campaign... Read more...
While Windows is nearly ubiquitous, great for convenience and it offers a familiar end-user experience, some things are more easily done on Linux. Given this odd juxtaposition of popularity versus utility, threat actors targeting Linux are finding a target-rich environment that can still fly under the radar for the... Read more...
The FBI and Justice Department recently announced a “multinational operation to disrupt and dismantle the malware and botnet known as Qakbot.” In what the authorities are calling one of the largest U.S.-led disruption operations, Qakbot infrastructure was accessed to tear down the network from the inside. Qakbot... Read more...
This month, researchers at Zimperium’s zLab reported on a means by which thousands of Android malware samples were evading detection and analysis. It is claimed that over three thousand samples use this technique, which involves tampering with the field that establishes what compression method is used for the... Read more...
Earlier this month, researchers from Palo Alto’s Unit 42 discovered a peer-to-peer worm dubbed P2PInfect targeting Redis installations, an open-source database application used in cloud environments. While only 934 of the publicly communicating 307,000 unique Redis systems may be vulnerable, the worm may knock on the... Read more...
Security researchers at Kaspersky are ringing the alarm bells on a trojan that's managed to infiltrate Google Play and infect well over half a million Android devices. Dubbed "Fleckpe," the malware strain has been active since last year and has been detected in eleven Android apps (so far). The good news is they've... Read more...
A new piece of Windows malware is making the rounds, but what else is new? You never want to fall victim to a malware campaign, but this one is particularly troublesome. EvilExtractor is billed as an "all-in-one" solution for your online criminal needs. With this one tool, a threat actor can monitor keystrokes, steal... Read more...
You probably don't go installing software and updates willy-nilly but you may know someone who does, be it a less tech savvy friend or family member. If they surf the web using Google's Chrome browser, save yourself a potential tech support headache and advise them of a malware campaign designed to dupe them into... Read more...
The FBI just issued a warning to the public against using free public USB charging ports, such as those found at airports or malls, because they've been found to be ports of entry for malware. A recent tweet by the FBI Denver field office advised that bad actors (i.e. people with nefarious intentions, not Steven... Read more...
Google used to offer Nexus-branded Android phones, but now Nexus means mobile malware. Chatter about the Nexus banking botnet began appearing on hacking forums in January 2023, but security researchers from Cleafy now believe this Android malware's origins stretch back to the middle of 2022. It's already very capable... Read more...
A highly malicious malware is infecting Intel- and M-powered Macs, stealing sensitive information such as user passwords, credit card info, and cookies. Uptycs researchers recently uncovered a new malware that targets macOS desktop and laptops and shared details on their blog. It's called MacStealer and can infect... Read more...
A scary malware called Emotet could be coming to an inbox near you, so beware as you file your taxes this year. If you see an email looking suspiciously like what we're about to describe, do not open it. Major malware app developer Malwarebytes announced a new phishing attack making its rounds just as U.S... Read more...