Security Affairs

SEPTEMBER 21, 2023

The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the recently discovered supply chain attack dates back to 2020. org subdomain. reported Kasperksy. It’s estimated that much less than 0.1%

Malware 101

Malware Backups Software Passwords 101

Malwarebytes

FEBRUARY 27, 2024

These are “Android banking trojans,” and, according to our 2024 ThreatDown State of Malware report , Malwarebytes detected an astonishing 88,500 of them last year alone. But Google Play’s security measures frequently detect malware and prevent it from being listed. So, what’s a cybercriminal to do? What does it all mean for me?

Banking 144

Banking Passwords Accountability Malware 144

Heimadal Security

MARCH 22, 2022

The Google Play Store has seen over 100,000 downloads of malicious Android software that performs Facebook credentials theft. It seems that the application is still available for download. The post 100,000 Google Play Users Targeted by Android Password Stealing Malware appeared first on Heimdal Security Blog.

Passwords 96

Passwords Malware Software Cybersecurity 96

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.

Malware 103

Malware DNS Authentication Telecommunications 103

Malwarebytes

MARCH 5, 2024

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. This mass adoption was good for Microsoft and its revenue, but it also drew and maintained the interests of cybercriminals, who would develop malware that could impact the highest number of victims. There pretty much always has been.

Malware 139

Malware Adware Ransomware Social Engineering 139

Heimadal Security

APRIL 26, 2021

Cybersecurity analyst Oliver Hough recently discovered that hackers have created a fake DirectX 12 download site to distribute malware that steals your cryptocurrency wallets and passwords. The post Fake DirectX12 Download Website Installs Crypto-Stealing Malware appeared first on Heimdal Security Blog.

Malware 73

Malware Cryptocurrency Passwords Cybersecurity 73

eSecurity Planet

NOVEMBER 29, 2022

Group-IB cybersecurity researchers recently identified several Russian-speaking cybercrime groups offering infostealing malware-as-a-service (MaaS), resulting in the theft of more than 50 million passwords thus far. Eight of the groups use Raccoon malware, 23 use Redline, and three use custom stealers. Aurora Malware.

Passwords 126

Passwords Cybercrime Malware Marketing 126

Malwarebytes

DECEMBER 1, 2021

Security researchers have discovered banking Trojan apps on the Google Play Store, and say they have been downloaded by more than 300,000 Android users. As you may know, banking Trojans are kitted for stealing banking data like your username and password, and two-factor authentication (2FA) codes that you use to login to your bank account.

Malware 125

Malware Banking Authentication Cryptocurrency 125

Bleeping Computer

OCTOBER 19, 2023

A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware. [.]

Malware 119

Malware Password Management Passwords 119

Malwarebytes

NOVEMBER 2, 2023

At Malwarebytes we’ve been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts. But we also know that a password manager can be overwhelming, especially when you’re just getting started. Encryption.

Passwords 140

Passwords Password Management Data breaches Authentication 140

Malwarebytes

SEPTEMBER 29, 2022

It's no surprise then to see criminals continuing to abuse Zoom's popularity, in the hope of netting interested parties and, potentially, luring current users into downloading and installing malware. Malware @Zoom downloads ? Findings reveal six fake Zoom download sites, but they are no longer accessible.

Spyware 89

Spyware Malware Software Banking 89

Krebs on Security

MARCH 12, 2020

In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by John Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware. As long as this pandemic remains front-page news, malware purveyors will continue to use it as lures to snare the unwary.

Malware 364

Malware Passwords Cybercrime Software 364

CyberSecurity Insiders

NOVEMBER 23, 2022

Now, the latest that has been published by Group-IB claims Moscow’s involvement in the password stealing of over 50 million users. Group-IB claims that many of the hackers were active members taking part in organized crime and were involved in automated scam-as-a-service campaigns spreading malware and espionage-related tools.

Passwords 127

Passwords Scams Authentication Cybercrime 127

Security Affairs

MARCH 17, 2024

The researchers noticed that all the repositories were newly created repos leading to the same download link. The researchers noticed that the users must unpack several layers of archives using the password “GIT1HUB1FREE,” which is provided in the README.md The malware exfiltrates gathered data to two Telegram channels.

Malware 108

Malware Passwords Software Hacking 108

Security Affairs

NOVEMBER 5, 2021

have been hijacked, threat actors replaced them with versions laced with password-stealing malware. have been hijacked, threat actors replaced them versions laced with password-stealing malware. Two npm libraries that have a total of 23 million weekly downloads, a data that is worrisome.

Passwords 101

Passwords Malware Accountability Hacking 101

Heimadal Security

DECEMBER 6, 2021

Malicious hackers are distributing Excel XLL files that download and install the RedLine password and information-stealing malware via website contact forms and discussion forums. The post Excel XLL Add-ins Are Pushing a Password-stealing Malware appeared first on Heimdal Security Blog. What Are XLL Files?

Passwords 76

Passwords Malware Cybersecurity 76

Hot for Security

JANUARY 29, 2021

The company believes the incident occurred on January 4, 2021, after threat actors managed to trick employees into accessing and downloading malicious software on some retail-store computers. “A few employees in retail stores were successfully scammed by unauthorized individuals and downloaded software onto a store computer.”

Data breaches 133

Data breaches Wireless Retail Malware 133

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. So take special care when downloading software to ensure that you are in fact getting the program from the original, legitimate source whenever possible.

Cybercrime 277

Cybercrime Passwords Authentication Malware 277

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. ru , which for many years was a place to download pirated e-books. WHO RUNS CRYPTOR[.]BIZ?

Malware 212

Malware Antivirus Cybercrime Hacking 212

Malwarebytes

FEBRUARY 6, 2024

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. Passwords Google and Microsoft made good on their promise to back passkeys , an encryption-based alternative to passwords that can’t be stolen, guessed, cracked, or phished.

Malware 80

Malware Passwords Identity Theft Banking 80

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware 234

Malware Cybercrime Software Antivirus 234

Malwarebytes

APRIL 6, 2021

In late March 2021, Malwarebytes analysts discovered a phishing email with an attached zip file containing unfamiliar malware. Upon analysis, the obfuscated PowerShell downloader initiated a chain of infection leading to a lesser-known malware called Saint Bot. It was also found in a NATO-themed campaign targeting Ukraine.

Malware 124

Malware Phishing Passwords Architecture 124

Malwarebytes

FEBRUARY 22, 2022

The researchers dubbed this malware Xenomorph because it shows similarities to another banking Trojan that is generally known as Alien. In reality this application was a Trojan dropper which contacted a remote server and downloaded one of several payloads based on certain parameters. Fast Cleaner. Domains: simpleyo5.tk

Banking 105

Banking Backups Malware Cryptocurrency 105

Security Affairs

JANUARY 4, 2023

Researchers discovered a new Linux malware developed with the shell script compiler ( shc ) that was used to deliver a cryptocurrency miner. The ASEC analysis team recently discovered that a Linux malware developed with shell script compiler ( shc ) that threat actors used to install a CoinMiner. ” continues the report.

Malware 95

Malware DDOS Cryptocurrency Firewall 95

Security Affairs

JUNE 27, 2022

The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. The script will download and run the.NET bootloader “MSCommondll.exe,” which in turn will download and run the malware DarkCrystal RAT.

Telecommunications 123

Telecommunications Malware Media Passwords 123

Security Affairs

AUGUST 10, 2023

Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, cookies, web data, and preferences. ” concludes the report.

Malware 88

Malware Encryption Advertising Cryptocurrency 88

Malwarebytes

APRIL 3, 2023

A new macOS malware—called MacStealer—that is capable of stealing various files, cryptocurrency wallets, and details stored in specific browsers like Firefox, Chrome, and Brave, was discovered by security researchers from Uptycs, a cybersecurity company specializing in cloud security. Users of macOS Catalina (10.5)

Malware 98

Malware Passwords Cryptocurrency Password Management 98

Security Boulevard

JANUARY 14, 2022

Picus Labs has updated the Picus Threat Library with new attack methods for Flagpro malware of BlackTech. Flagpro malware was recently discovered by NTTSecurity and the malware is attributed to BlackTech [1]. Flagpro malware was recently discovered by NTTSecurity and the malware is attributed to BlackTech [1].

Malware 119

Malware Passwords Phishing Authentication 119

Security Boulevard

MARCH 12, 2024

Attackers share malicious files disguised as Frames Per Second (FPS) optimization packages with users and, in turn, users infect their own systems with Tweaks malware.Given that 45% of Roblox users are under 13, it’s probable that the malware being circulated could extend to parents’ systems.

Malware 133

Malware Passwords Antivirus Risk 133

Malwarebytes

JANUARY 30, 2023

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system. Keep threats off your devices by downloading Malwarebytes today.

Password Management 68

Password Management Passwords Phishing Advertising 68

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. “It means that they are actively developing new malwares.

Malware 119

Malware Phishing Passwords Media 119

Malwarebytes

NOVEMBER 24, 2021

No matter which of the many accounts post up these videos, they all typically link to the same download hosting site. When free games lead to Malware. The file offered up for download is SteamKeyGeneration.rar, weighing in at 4.19MB. The.RAR is password protected, with the password being supplied in the YouTube description.

Malware 144

Malware Scams Passwords Cryptocurrency 144

Security Boulevard

JULY 28, 2022

The key observations are: Obfuscated Excel macros used to download and run the Emotet loader. Emotet is a Windows-based malware loader operated by the cybercrime group TA542 ( 1 ), also referred to as Mummy Spider ( 2 ). Emotet has been observed dropping other malware families such as Qakbot ( 5 ) and CobaltStrike ( 6 ).

Encryption 57

Encryption Malware Phishing Cybercrime 57

Security Affairs

FEBRUARY 21, 2024

Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system. In the recent campaign, threat actors used a customized PlugX malware that includes a completed backdoor command module, the researchers named it DOPLUGS. DOPLUGS acts as a downloader and supports four backdoor commands.

Malware 115

Malware Phishing Government Passwords 115

The Hacker News

APRIL 9, 2021

A previously undocumented malware downloader has been spotted in the wild in phishing attacks to deploy credential stealers and other malicious payloads. Dubbed "Saint Bot," the malware is said to have first appeared on the scene in January 2021, with indications that it's under active development.

Malware 80

Malware Passwords Phishing 80

Malwarebytes

JANUARY 16, 2024

The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Together, CWRU and the FBI were able to identify that an IP address with which the malware was communicating had also been used to access the alumni email account of a man called Phillip Durachinsky.

Malware 90

Malware Passwords Identity Theft Data collection 90

Malwarebytes

JANUARY 11, 2022

Some of you may even have changed your old router’s password for a brand new one. What is a Wi-Fi password? Your Wi-Fi password is how you keep your internet activities, and also your router, secure from people you don’t want to have access. Does my router have a Wi-Fi password?

Passwords 102

Passwords Internet Internet Malware 102