2018, Hacking, Malware and Spyware - Cyber Security Informer

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware

Spyware Surveillance Architecture Software

Pegasus spyware used to spy on a Polish mayor

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware

Spyware Surveillance Hacking Government

Pegasus Project – how governments use Pegasus spyware against journalists

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware

Spyware Government Surveillance Media

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The campaigns involved a new piece of malware called BadBazaar and new variants of the MOONSHINE surveillance software discovered by Citizen Lab in 2019 and employed in attacks against Tibetan activists. .

Surveillance

Surveillance Spyware Malware Mobile

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. The spyware is likely used as part of a sextortion campaign.

Spyware

Spyware Mobile Surveillance Malware

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware

Malware Phishing Spyware Cyber threats

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. The link points to files containing spyware that could infect both Mac OS or Windows systems.

Spyware

Spyware Surveillance Government Phishing

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius.

Spyware

Spyware Surveillance Malware Mobile

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

eSecurity Planet

JULY 21, 2021

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Both incidents occurred in 2018. Apple Under Fire.

Spyware

Spyware Mobile Government Surveillance

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. The links used in these attacks are similar to the ones detected by in June 2018 by Amnesty International in operations against an Amnesty staff member and a Saudi HRD.

Spyware

Spyware Surveillance Mobile Advertising

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware

Spyware Mobile Advertising Architecture

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware

Malware Advertising Marketing System Administration

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices.

Malware

Malware Computers and Electronics Spyware Advertising

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware.

Spyware

Spyware Malware Advertising Authentication

New threat actor SandCat exploited recently patched CVE-2018-8611 0day

Security Affairs

DECEMBER 12, 2018

Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. Pierluigi Paganini.

Spyware

Spyware Advertising Accountability Malware

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. The iOS app analyzed by the researchers contained the following exploits: CVE-2018-4344 internally referred to and publicly known as LightSpeed. SecurityAffairs – hacking, RCS Labs).

Surveillance

Surveillance Mobile Spyware Telecommunications

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. SecurityAffairs – hacking, Agent Tesla). Pierluigi Paganini.

Passwords

Passwords Spyware VPN Malware

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence

Artificial Intelligence Government Banking Advertising

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.

Banking

Banking Government Passwords Marketing

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. SecurityAffairs – scranos malware, malware). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Adware Malware Accountability

Russia-linked InvisiMole APT targets state organizations of Ukraine

Security Affairs

MARCH 21, 2022

Then the backdoor contacts the command-and-control (C2) server to downloads and executes other malicious payloads, including the TunnelMole, malware that abuses the DNS protocol to establish a tunnel for malicious purposes, and RC2FM and RC2CL. SecurityAffairs – hacking, InvisiMole). ” reads the advisory published by CERT-UA.

Spyware

Spyware DNS Phishing Government

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. ” “I am not your A-typical computer geek, Brian,” he wrote in a 2018 email. “I An advertisement for Orcus RAT.

Advertising

Advertising Malware Marketing Software

CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups

Security Affairs

MARCH 13, 2019

In October 2018, FruityArmor exploited another Windows zero-day in targeted attacks aimed at entities in the Middle East. The SandCat APT was discovered by Kaspersky Lab at the end of 2018 when the group used a flaw (CVE-2018-8611) addressed with security updates released by Microsoft in December. Pierluigi Paganini.

Spyware

Spyware Advertising Government Hacking

Evilnum Group targets European and British fintech companies

Security Affairs

JULY 10, 2020

Evilnum threat actor was first spotted in 2018 while using the homonym malware. Over the years, the group added new tools to its arsenal, including custom and homemade malware along with software purchased from the Golden Chickens malware-as-a-service (MaaS) provider. SecurityAffairs – hacking, Evilnum).

eCommerce

eCommerce Advertising Malware Spyware

Syria-linked APT group SEA targets Android users with COVID19 lures

Security Affairs

APRIL 17, 2020

Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. “This campaign appears to have been active since the start of January 2018, and targets Arabic-speaking users, likely in Syria and the surrounding region.” ” continues the expert.

Surveillance

Surveillance Telecommunications Mobile Advertising

Security Affairs newsletter Round 222 – News of the week

Security Affairs

JULY 13, 2019

Croatia government agencies targeted with news SilentTrinity malware. Experts uncovered a new Magecart campaign that hacked over 960 stores. UK ICO fines British Airways £183 Million under GDPR over 2018 security breach. Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016.

Data breaches

Data breaches Spyware Advertising Government

Security Affairs newsletter Round 181 – News of the week

Security Affairs

SEPTEMBER 23, 2018

EOSBet Gambling application hacked, crooks stole $200,000 worth of EOS. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms. NSO mobile Pegasus Spyware used in operations in 45 countries. Evolution of threat landscape for IoT devices – H1 2018. Sustes Malware: CPU for Monero.

Computers and Electronics

Computers and Electronics Cryptocurrency Spyware Data breaches

Experts detailed new StrongPity cyberespionage campaigns

Security Affairs

JULY 18, 2019

The group set up malicious sites mimicking legitimate ones to carry out watering holes to deliver tainted installers and malware. The new campaign started in the second half of 2018, attackers used once again tainted version of popular software like WinRAR to compromise victims’ systems. ” Alien Labs notes.

Malware

Malware Software Spyware Advertising

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

And the malware that subsequently gets installed continues to get more stealthy and capable with each advancing iteration. Researchers recently flushed out a new variety of the Xbash family of malware tuned to seek out administrators’ rights and take control of Linux servers. Apps from other sources can carry malware or spyware.

Passwords

Passwords Password Management Antivirus Internet

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

The Last Watchdog

MAY 2, 2019

In the not-so-distant past, only elite hackers had access to high-end, cutting-edge hacking tools. Gill Today, very sophisticated tools are out there for anyone to use and are being incorporated into a wider variety of malware families. AppRiver has been tracking Eternal Blue showing up regularly in malware samples targeting SMBs.

Risk

Risk Cyber Risk Cyber threats Banking

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

Later it was involved in many malspam attacks, but only in July 2018, the authors released a substantially updated variant. In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. SecurityAffairs – STOP ransomare , malware). Pierluigi Paganini.

Encryption

Encryption Ransomware Cryptocurrency Passwords

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years. SecurityAffairs – hacking, InvisiMole). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DNS

DNS Advertising Spyware Software

Security Affairs newsletter Round 174 – News of the week

Security Affairs

AUGUST 4, 2018

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal. 20% discount. Kindle Edition. Paper Copy. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Data breaches Spyware Surveillance

Security Affairs newsletter Round 178 – News of the week

Security Affairs

SEPTEMBER 2, 2018

Stopping a big botnet targeting USA, Canada and Italy. · What Happens to Whistleblowers After They Blow the Whistle?

Spyware

Spyware Banking Data breaches Mobile

Is Your Small Business Safe Against Cyber Attacks?

CyberSecurity Insiders

MARCH 21, 2021

Back in 2018, almost two-thirds of the small businesses suffered from cyber security attacks. . Anti-virus and anti-malware . Make sure all devices and computers at your office have installed anti-virus, and anti-spyware as these are connected to the network, offering a gateway to hackers. Two-factor authentication .

Small Business

Small Business Cyber Attacks VPN Backups

The new Azorult 3.3 is available in the cybercrime underground market

Security Affairs

OCTOBER 23, 2018

Later it was involved in many malspam attacks, but only in July 2018, the authors released a substantially updated variant. In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. Securi ty Affairs – Azorult , malware). Pierluigi Paganini.

Marketing

Marketing Cybercrime Cryptocurrency Advertising

Payment data of thousands of customers of UK and US online stores could have been compromised

Security Affairs

MARCH 14, 2019

In the course of further research it was revealed that GMO JS Sniffer has presumably been collecting customer payment data since November 2018. We dubbed this JS Sniffer family GMO because the malware uses gmo[.]li Group-IB’s Threat Intelligence team discovered that GMO has been active since May 2018. li host.”.

eCommerce

eCommerce Marketing Data breaches Advertising

Top 9 Cybersecurity Challenges SMEs Currently Face

Responsible Cyber

APRIL 8, 2020

Small and mid-sized enterprises (SMEs) are increasingly at risk of cyber-attacks, and often serve as a launch pad for larger threat campaigns, according to Cisco’s 2018 SMB Cybersecurity Report. Eventually, a basic level of knowledge and awareness could mean the difference between being hacked or avoiding the risk altogether.

Cybersecurity

Cybersecurity DDOS Small Business Phishing

Technical Report of the Bezos Phone Hack

Schneier on Security

JANUARY 24, 2020

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

Hacking

Hacking Spyware Backups Encryption

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Security Affairs

MAY 22, 2020

The group behind this activity is the same we identified in the past malicious operations described in Roma225 (12/2018), Hagga (08/2019), Mana (09/2019), YAKKA (01/2020). As a last payload, Agent Tesla was used which collects all the functionality of the previous payloads as it is considered an info stealer and spyware.

Manufacturing

Manufacturing Malware Spyware Cyber threats

Mobile Phones of Politicians, Journalists, and members of Royal Families were targeted by Israeli Malware

CyberSecurity Insiders

JULY 18, 2021

And the post says that some hacktivists have somehow planted a spying malware on their phones respectively and are constantly spying on the targeted mobile activists. Note- The said malware could target users using Android or Apple iPhones and could spread through messaging apps such as WhatsApp and Telegram.

Mobile

Mobile Malware Spyware Surveillance

US authorities track MuddyWater Hacking Group to Iran

CyberSecurity Insiders

JANUARY 13, 2022

US Cyber Command’s Cyber National Mission Force has identified a new hacking group dubbed MuddyWater and tracked its operations to an Iranian intelligence funded company. The post US authorities track MuddyWater Hacking Group to Iran appeared first on Cybersecurity Insiders.

Hacking

Hacking Spyware DNS Surveillance

ViceLeaker Android spyware targets users in the Middle East

Security Affairs

JULY 1, 2019

Experts at Kaspersky have uncovered a spyware campaign dubbed ViceLeaker that spreads in the Middle East to spy on Android users. . Kaspersky spotted a spyware campaign, tracked as ViceLeaker, that spreads in the Middle East to steal device and communications data from Android users. . SecurityAffairs – ViceLeaker, hacking).

Spyware

Spyware Mobile Advertising Malware

Spam and phishing in 2021

SecureList

FEBRUARY 9, 2022

The most common malware family found in attachments were Agensla Trojans. We also observed a mailing last year which exploited the subject of vaccination to spread malware. SAgent malware is used at the initial stage of an attack to deliver other malware to the victim’s system. Malware families.

Phishing

Phishing Scams Accountability Banking

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Pegasus spyware used to spy on a Polish mayor

Webinars

Trending Sources

Pegasus Project – how governments use Pegasus spyware against journalists

Webinars

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Sextortion campaign uses Goontact spyware to target Android and iOS users

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

APT32 state hackers target human rights defenders with spyware

Experts spotted two Android spyware used by Indian APT Confucius

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Orcus RAT Author Charged in Malware Scheme

GravityRAT malware also targets Android and macOS

Regin spyware involved in attack against the Russian tech giant Yandex

New threat actor SandCat exploited recently patched CVE-2018-8611 0day

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Russia-linked InvisiMole APT targets state organizations of Ukraine

Canadian Police Raid ‘Orcus RAT’ Author

CVE-2019-0797 Windows Zero-Day exploited by FruityArmor and SandCat APT Groups

Evilnum Group targets European and British fintech companies

Syria-linked APT group SEA targets Android users with COVID19 lures

Security Affairs newsletter Round 222 – News of the week

Security Affairs newsletter Round 181 – News of the week

Experts detailed new StrongPity cyberespionage campaigns

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

STOP ransomware encrypts files and steals victim’s data

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs newsletter Round 174 – News of the week

Security Affairs newsletter Round 178 – News of the week

Is Your Small Business Safe Against Cyber Attacks?

The new Azorult 3.3 is available in the cybercrime underground market

Payment data of thousands of customers of UK and US online stores could have been compromised

Top 9 Cybersecurity Challenges SMEs Currently Face

Technical Report of the Bezos Phone Hack

Cyber-Criminal espionage Operation insists on Italian Manufacturing

Mobile Phones of Politicians, Journalists, and members of Royal Families were targeted by Israeli Malware

US authorities track MuddyWater Hacking Group to Iran

ViceLeaker Android spyware targets users in the Middle East

Spam and phishing in 2021

Stay Connected