Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. Since 2011 it was employed in attacks aimed at Human Rights Defenders (HRDs) in many countries, including Bahrain, Ethiopia, UAE, and more.

Spyware 139

Spyware Surveillance Mobile Advertising 139

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. More on that later.

Mobile 135

Mobile Malware Adware Banking 135

Malwarebytes

APRIL 11, 2023

In a recent tweet , the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or computer.

Mobile 98

Mobile Banking Malware Spyware 98

Security Affairs

MARCH 27, 2023

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers’ perspective.

Malware 83

Malware Social Engineering Encryption Marketing 83

SecureList

SEPTEMBER 28, 2021

Kaspersky has been tracking deployments of this spyware since 2011. Both of them are encrypted with RC4. The Pre-Validator ensures that the victim machine is not used for malware analysis. All communications between the server are encrypted with RC4. Sample contents of the efimicrosoftbooten-us directory.

Encryption 143

Encryption Malware Spyware Architecture 143

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware 141

Malware Spyware Government Social Engineering 141

Herjavec Group

AUGUST 26, 2021

After being released in 2003, he uses WiFi to commit attacks, program malware and steal credit card information. 2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems. 1998-2007 — Max Butler — Max Butler hacks U.S.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135