Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. Browsing History Stealer Payload — This payload collects Chrome’s browsing history and sends it to the C&C in an encrypted form.

Spyware 70

Spyware Adware Malware Accountability 70

Security Affairs

SEPTEMBER 27, 2020

Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware. Recently, we have seen regular uploads of it onto the Google Play store.”

Malware 142

Malware Advertising Spyware Encryption 142

Security Affairs

APRIL 5, 2019

ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. Introduction.

Banking 84

Banking Malware Cryptocurrency Advertising 84

Security Affairs

APRIL 28, 2020

The malware was an info stealer and according to the researchers, it was part of a long-term campaign, tracked as “PhantomLance” that has been active at least since December 2015. We informed Google of the malware, and it was removed from the market shortly after.” ” reads the analysis published by Kaspersky.

Malware 106

Malware Advertising Spyware Marketing 106

Security Affairs

AUGUST 23, 2019

Malware researchers at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect Windows and Mac systems. Asruex first appeared in the threat landscape 2015, researchers linked it to the spyware used by the DarkHotel APT group. EBSS section. Pierluigi Paganini.

Malware 83

Malware Spyware Advertising Encryption 83

SecureList

JUNE 7, 2021

Gootkit is complex multi-stage banking malware that was discovered for the first time by Doctor Web in 2014. In conjunction with spam campaigns, the adversaries later switched to compromised websites where the visitors are tricked into downloading the malware. Full list of VM detection techniques used by the malware: Check.

Malware 126

Malware Encryption Spyware Internet 126

Security Affairs

AUGUST 30, 2019

Threat actors used at least five unique iPhone exploit chains that allowed them to remotely jailbreak a device and deliver spyware. The spyware implant was also able to steal the database files from popular end-to-end encryption apps like Whatsapp, Telegram, and iMessage. credentials, authentication tokens, and certificates).

Spyware 88

Spyware Hacking Advertising Encryption 88

Security Affairs

OCTOBER 23, 2018

In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. ” The new variant implements a new encryption method used to protect the hardcoded C&C domain string. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Marketing 77

Marketing Cybercrime Cryptocurrency Advertising 77

Security Affairs

JULY 17, 2019

Hawkeye Keylogger” is an info-stealing malware for sale in the dark-web. Anyone can easily subscribe to the malware service by paying a fee. It has been in continuous development at least since 2013 and the malware authors behind Hawkeye have improved the malware service adding new capabilities and techniques.

Spyware 72

Spyware Malware Passwords Accountability 72

Security Affairs

SEPTEMBER 9, 2019

ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthy exfiltrate data. Security researchers from discovered a new malware associated with the Stealth Falcon cyber espionage group that abuses the Windows BITS service to stealthy exfiltrate data.

Malware 80

Malware Advertising System Administration Spyware 80

Security Affairs

DECEMBER 30, 2019

Security experts have detected and analyzed some of the tools in its arsenals, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. Pierluigi Paganini.

Cybercrime 60

Cybercrime Surveillance Spyware Government 60

Security Affairs

NOVEMBER 17, 2019

Apple Mail stores parts of encrypted emails in plaintext DB. New TA2101 threat actor poses as government agencies to distribute malware. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS 51

DDOS Spyware Advertising Ransomware 51

Security Affairs

JUNE 18, 2020

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DNS 80

DNS Advertising Spyware Software 80

SecureList

AUGUST 15, 2022

New technique for installing fileless malware. Earlier this year, we discovered a malicious campaign that employed a new technique for installing fileless malware on target machines by injecting a shellcode directly into Windows event logs. WinDealer’s man-on-the-side spyware. Other malware. Non-mobile statistics.

Mobile 78

Mobile Ransomware Malware Encryption 78

Security Affairs

AUGUST 25, 2019

Malware Analysis Sandboxes could expose sensitive data of your organization. App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice. million to allow towns to access encrypted data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Texas attackers demand $2.5

Small Business 50

Small Business Spyware Data breaches Advertising 50

Security Affairs

SEPTEMBER 9, 2018

. “Through the use of mobile applications, those behind the attack use fake decoy content to entice their victims to download such applications, which are in fact loaded with spyware, to then collect sensitive information about them.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance 49

Surveillance Mobile Advertising Spyware 49

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. “ The police are given the opportunity to read encrypted communications. From March next year, it will be legal to intercept encrypted calls in mobiles, computers and video calls.”

Spyware 52

Spyware Government Surveillance Encryption 52

Security Affairs

AUGUST 30, 2018

Security experts from Kaspersky Lab have uncovered a new strain of Android malware dubbed BusyGasper that remained hidden for two years. The BusyGasper Android spyware has been active since May 2016, it implements unusual features for this type of malware. ” reads the report published by Kaspersky.

Spyware 47

Spyware Malware Advertising Banking 47

SecureList

SEPTEMBER 28, 2021

Kaspersky has been tracking deployments of this spyware since 2011. While the MBR infection has been known since at least 2014, details on the UEFI bootkit are publicly revealed in this article for the first time. Both of them are encrypted with RC4. All communications between the server are encrypted with RC4.

Encryption 141

Encryption Malware Spyware Architecture 141

SecureList

NOVEMBER 18, 2022

Rootkits are malware implants that are installed deep in the operating system. However, on one of the infected machines, we found malware that we think is probably related to CosmicStrand. This malware creates a user named “aaaabbbb” in the operating system with local administrator rights. Other malware.

Malware 99

Malware Computers and Electronics Adware Cryptocurrency 99

Security Affairs

OCTOBER 30, 2019

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Today @WhatsApp is taking a stand against the dangerous use of spyware. This abuse must be stopped. ” reads the lawsuit.

Surveillance 52

Surveillance Technology Spyware Mobile 52

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware 137

Malware Spyware Government Social Engineering 137

Security Affairs

JANUARY 10, 2021

The Cyber-attack resulted in a large volume of data to be encrypted including database servers and backup data. In December 2020, Symrise AG confirmed that they were the target of Clop Ransomware attack, when 500GB of their data from over 1000 infected devices was encrypted by cyber criminals.

Cyber Attacks 89

Cyber Attacks Government Surveillance Software 89

SecureList

AUGUST 5, 2021

In addition to various cloud-related emails, we blocked messages disguised as business correspondence and containing links to malware. WhatsApp was bought by Facebook in 2014. By following it, the recipient risks not only handing over their personal data to the attackers, but also downloading malware to their computer or phone.

Phishing 116

Phishing Banking Scams Computers and Electronics 116

Herjavec Group

AUGUST 26, 2021

After being released in 2003, he uses WiFi to commit attacks, program malware and steal credit card information. 2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems. 1998-2007 — Max Butler — Max Butler hacks U.S. presidential election.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135