New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam
The Hacker News
FEBRUARY 21, 2024
Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022.
This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.
The Hacker News
FEBRUARY 21, 2024
Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022.
The Hacker News
MARCH 13, 2023
A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. "By
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Bleeping Computer
FEBRUARY 7, 2024
A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.]
Krebs on Security
APRIL 18, 2023
For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. Image: spur.us.
The Hacker News
JULY 27, 2022
Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation. "The
Krebs on Security
OCTOBER 31, 2022
A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S. Image: USDOJ.
Security Affairs
NOVEMBER 11, 2020
?Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. Ragnar Locker Ransomware operators are improving their extortion technique and started running Facebook advertisements to make pressure on their victims and force them to pay the ransom. 9, on Facebook. .
Security Affairs
MARCH 13, 2020
Experts discovered an Android Trojan, dubbed Cookiethief , that is able to gain root access on infected devices and hijack Facebook accounts. “We recently discovered a new strain of Android malware. “Malware could steal cookie files of any website from other apps in the same way and achieve similar results.”
Security Affairs
APRIL 29, 2023
Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month. Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS). ” reads the report published by Cyble.
Krebs on Security
JUNE 1, 2023
This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. account on Carder[.]su
Penetration Testing
NOVEMBER 2, 2023
Security researchers at Bitdefender have unveiled that cybercriminals are exploiting Facebook advertising to disseminate malware and usurp users’ social network accounts.
Krebs on Security
JUNE 21, 2023
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?
Krebs on Security
JANUARY 25, 2024
And by most accounts, the threat from bad ads leading to backdoored software has subsided significantly compared to a year ago. But cybercrooks are constantly figuring out ingenious ways to fly beneath Google’s anti-abuse radar, and new examples of bad ads leading to malware are still too common.
Krebs on Security
AUGUST 2, 2022
Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re Image: Spur.us.
The Hacker News
SEPTEMBER 4, 2023
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware.
CSO Magazine
MAY 19, 2023
Cybercrime gang Lemon Group has managed to get malware known as Guerrilla preinstalled on about 8.9 The Guerilla malware can load additional payloads, intercept one-time passwords (OTPs) from SMS texts, set up a reverse proxy from the infected device, and infiltrate WhatsApp sessions.
SecureList
JUNE 15, 2023
Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community. A MaaS operator is typically a team consisting of several people with distinct roles.
Security Affairs
OCTOBER 10, 2020
Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). Google announced an improved malware protection. Google announced an improved malware protection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” . .
Krebs on Security
MAY 28, 2024
Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5 , an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. ”
Security Affairs
JANUARY 4, 2024
An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.
Malwarebytes
JULY 11, 2023
Like all social media platforms, Facebook constantly has to deal with fake accounts, scams and malware. In the past few weeks, there's been a resurgence in sponsored posts and accounts that impersonate Meta/Facebook's own Ads Manager. In early June, we identified fraudulent accounts running the same scam using similar lures.
CyberSecurity Insiders
OCTOBER 20, 2022
In February this year, Check Point researchers revealed that a new malware named ‘Ducktail’ was behind the Facebook (FB) employees who were taking care of ad campaigns and their motive was to take hold of the direct payments made to them by customers or to hijack the ad campaigns to place their advertisements.
Security Affairs
APRIL 13, 2020
Zoom accounts are flooding the dark web, over 500 hundred thousand Zoom accounts are being sold on hacker forums. Over 500 hundred thousand Zoom accounts are available for sale on the dark web and hacker forums. Sellers are advertising them for.0020 0020 cents each, in some cases they are offered for free.
Krebs on Security
MAY 5, 2021
After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.
Security Affairs
SEPTEMBER 16, 2020
A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. ” continues the analysis.
Krebs on Security
MAY 17, 2022
” The card reader Mark bought was sold by a company called Saicoo , whose sponsored Amazon listing advertises a “DOD Military USB Common Access Card (CAC) Reader” and has more than 11,700 mostly positive ratings. He said Saicoo did not address his concern that the driver package on its website was bundled with malware.
Malwarebytes
SEPTEMBER 11, 2023
Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. Microsoft Teams has client-side protections in place to block file delivery from external tenant accounts.
Security Affairs
NOVEMBER 1, 2020
A threat actor is offering for sale account databases containing an aggregate total of 34 million user records stolen from 17 companies. A data breach broker is selling account databases containing a total of 34 million user records stolen from 17 companies. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.
Malwarebytes
APRIL 11, 2022
A credential-stealing Windows-based malware, Spyware.FFDroider , is after social media credentials and cookies, according to researchers at ThreatLabz. The malware also plans to steal saved VPN/dial up credentials from the AppdataMicrosoftNetworkConnectionsPbkrasphone.pbk and Pbkrasphone.pbk phonebooks if present. Social media.
Security Affairs
APRIL 14, 2024
The RAT allowed customers to access and control their victims’ computers remotely, its author advertised its stealing capabilities. He is accused of advertising and selling the Hive remote access trojan (RAT) on the “Hack Forums” website. . ” reported the DoJ. ” continues DoJ.
Security Affairs
OCTOBER 3, 2020
Facebook shared details about a long-running ad-fraud campaign that’s been ongoing since 2016 targeting Facebook users with SilentFade malware. The social network giant revealed that malware has a Chinese origin and allowed hackers to siphon $4 million from users’ advertising accounts. ” continues the paper. “The
SecureList
FEBRUARY 27, 2023
Kaspersky mobile cyberthreat detection dynamics in 2020–2022 ( download ) Cybercriminals continued to use legitimate channels to spread malware. The spread of malware through Google Play continued as well. Harly malware programs were downloaded a total of 2.6 These secretly signed users up for paid services. percentage points.
Security Affairs
MAY 5, 2020
GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.
Security Affairs
AUGUST 17, 2020
The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. ” reported CBA.
Security Affairs
OCTOBER 18, 2020
Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. ” . ” states the DoJ.
Security Affairs
OCTOBER 1, 2020
Twitter removed around 130 Iranian accounts for attempting to disrupt the public recent US Presidential Debate. The social media giant Twitter announced to have removed around 130 Iranian Twitter accounts that attempted to disrupt the public conversation during the recent first Presidential Debate for the US 2020 Presidential Election.
Krebs on Security
APRIL 19, 2019
Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices. The plea agreement is here (PDF).
CyberSecurity Insiders
DECEMBER 15, 2022
Dubbed as MoneyMonger, the said android malware has the potential to steal contact details from social media accounts, only to tarnish the image of the user, if in case, he/she fail to oblige their demands. Usually, this malware is found in circulation through third party app stores and via social engineering attacks.
Malwarebytes
MAY 2, 2024
You’ll have to click on the three dots (in front of where we added malicious ad) and look at the advertiser information to see that it’s not the legitimate owner of the brand. Only then it becomes apparent that the real advertiser is not CNN, but instead a company called Yojoy Network Technology Co., Scan your computer for malware.
Security Affairs
SEPTEMBER 27, 2021
Researchers spotted a new malware, dubbed BloodyStealer, that could allow stealing accounts for multiple gaming platforms. Stolen data are later sold by the operators in underground marketplaces, gaming accounts are in demand in the cybercrime ecosystem. ” reads the analysis published by Kaspersky.
Security Affairs
MAY 13, 2020
The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.
eSecurity Planet
OCTOBER 26, 2023
Antivirus programs and firewalls are pretty good at catching malware before it can infect devices, but occasionally malware can slip through defenses, endangering personal and financial information. We’ll go over malware removal tools and steps, and offer some tips to keep your devices from getting reinfected.
Security Affairs
MARCH 10, 2023
A new version of the Xenomorph Android malware includes a new automated transfer system framework and targets 400 banks. The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. Experts warn that a new variant recently discovered, tracked as Xenomorph.C,
Security Affairs
SEPTEMBER 18, 2020
Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Pierluigi Paganini.
Expert insights. Personalized for you.
We have resent the email to
Are you sure you want to cancel your subscriptions?
Let's personalize your content