Government, Hacking and Malware - Cyber Security Informer

US Government Exposes North Korean Malware

Schneier on Security

MAY 14, 2020

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. It's interesting to see the US government take a more aggressive stance on foreign malware.

Government

Government Malware Antivirus Cryptocurrency

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking

Hacking Malware Ransomware Government

Security Risks of Government Hacking

Schneier on Security

SEPTEMBER 13, 2018

Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. This is the canonical lawful hacking paper.

Government

Government Hacking Risk Surveillance

Iranian Government Hacking Android

Schneier on Security

SEPTEMBER 24, 2020

The hackers also have created malware disguised as Android applications, the reports said. Both are popular messaging tools in Iran. It looks like the standard technique of getting the victim to open a document or application.

Government

Government Hacking Mobile Encryption

IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian Government

Heimadal Security

APRIL 18, 2022

A warning about a new wave of social engineering cyberattacks that distribute the IcedID malware and employ Zimbra exploits for sensitive data theft purposes has been recently issued by the Computer Emergency Response Team of Ukraine (CERT-UA).

Government

Government Social Engineering Malware Hacking

Details on Uzbekistan Government Malware: SandCat

Schneier on Security

OCTOBER 11, 2019

Kaspersky has uncovered an Uzbeki hacking operation, mostly due to incompetence on the part of the government hackers.

Government

Government Malware Antivirus Hacking

Ukrainian Government Hacked Through Malicious Windows ISO Files

Heimadal Security

DECEMBER 16, 2022

Ukrainian government networks were infected via trojanized ISO files posing as legitimate Windows 10 installers and several governmental institutions were hacked. Threat actors used malware to collect data from their victims, deploy additional malicious tools, and exfiltrate stolen data to controlled servers.

Government

Government Hacking Malware Cybersecurity

FireEye Hacked

Schneier on Security

DECEMBER 9, 2020

FireEye was hacked by — they believe — “a nation with top-tier offensive capabilities”: During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security. government builds purpose-made digital weapons.

Hacking

Hacking Government Cyber threats Malware

Russian hacking group uses new stealthy Ceeloader malware

Bleeping Computer

DECEMBER 6, 2021

The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. [.].

Hacking

Hacking Malware Government

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government

Government Malware Telecommunications Cybercrime

North Korea ATM Hack

Schneier on Security

SEPTEMBER 1, 2020

government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the North Korean government in an automated teller machine (ATM) cash-out scheme -- referred to by the U.S. Government as "FASTCash 2.0: Cyber Command (USCYBERCOM). Working with U.S. Working with U.S.

Hacking

Hacking Banking Government Malware

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. Barracuda, with the support of Mandiant, discovered the issue was exploited to deploy malware on a subset of appliances allowing for persistent backdoor access. reads the report published by Mandiant.

Government

Government Hacking Malware Accountability

US Citizen Hacked by Spyware

Schneier on Security

MARCH 21, 2023

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. The simultaneous tapping of the target’s phone by the national intelligence service and the way she was hacked indicate that the spy service and whoever implanted the spyware, known as Predator, were working hand in hand.

Spyware

Spyware Hacking Government Technology

Canadian government impacted by data breaches of two of its contractors

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. Data belonging to current and former Government of Canada employees, members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel have been also exposed. Both contractors suffered a security breach in October.

Data breaches

Data breaches Government Hacking Backups

Fujitsu suffered a malware attack and probably a data breach

Security Affairs

MARCH 18, 2024

Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information. The company revealed that multiple work computers were infected with malware, in response to the compromise the security staff disconnected impacted systems from the network. .

Data breaches

Data breaches Malware Technology Government

Earth Krahang APT breached tens of government organizations worldwide

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government

Government Phishing Accountability VPN

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked.

Government

Government Accountability Hacking Advertising

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

The Hacker News

APRIL 17, 2022

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information.

Social Engineering

Social Engineering Malware Government Hacking

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

MAY 17, 2022

government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. government smart cards. government smart cards.

Malware

Malware Government Internet Internet

A Stealthy Malware Found on Hacked Pulse Secure Devices

Heimadal Security

JULY 22, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released an alert regarding more than a dozen malware samples that were found on exploited Pulse Secure devices and that can go undetected by antivirus products. The post A Stealthy Malware Found on Hacked Pulse Secure Devices appeared first on Heimdal Security Blog.

Malware

Malware Hacking Antivirus Government

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Security Boulevard

FEBRUARY 22, 2024

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures. The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.

Hacking

Hacking Government Digital transformation Social Engineering

Skygofree: New Government Malware for Android

Schneier on Security

JANUARY 22, 2018

Kaspersky Labs is reporting on a new piece of sophisticated malware: We observed many web landing pages that mimic the sites of mobile operators and which are used to spread the Android implants. Ars Technica speculates that it is related to Hacking Team: That's not to say the malware is perfect. It seems to be Italian.

Malware

Malware Government Spyware Hacking

SYS01 stealer targets critical government infrastructure

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. The last stage malware is the PHP-based SYS01stealer malware which is able to steal browser cookies and abuse authenticated Facebook sessions to steal information from the victim’s Facebook account.

Government

Government Manufacturing Social Engineering Malware

Cyber Attacks Against Middle East Governments Hide Malware in Windows logo

The Hacker News

OCTOBER 1, 2022

An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments.

Government

Government Cyber Attacks Malware Hacking

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. The experts tracked the cluster as CL-STA-0046, the malicious activity spanned over six months between 2022-2023.

Government

Government Manufacturing Education Malware

Massive iPhone Hack Targets Uyghurs

Schneier on Security

SEPTEMBER 3, 2019

Earlier this year, Google's Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install malware on iPhones that would visit the site. Earlier this year Google's Threat Analysis Group (TAG) discovered a small collection of hacked websites. released on February 7.).

Hacking

Hacking Surveillance Malware Government

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

government and defense entities. Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. private sector and government computer systems,” said Assistant Attorney General Matthew G. defense contractors and private companies. Targeted entities include the U.S.

Hacking

Hacking Identity Theft Social Engineering Accountability

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Krebs on Security

DECEMBER 16, 2020

13, cyber incident response firm FireEye published a detailed writeup on the malware infrastructure used in the SolarWinds compromise, presenting evidence that the Orion software was first compromised back in March 2020. FireEye said hacked networks were seen communicating with a malicious domain name — avsvmcloud[.]com

Hacking

Hacking Malware Software Cybercrime

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware

Malware Internet Internet DDOS

China-Linked BRONZE PRESIDENT APT targets Government officials worldwide

Security Affairs

SEPTEMBER 10, 2022

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. PlugX is modular malware has backdoor capabilities that could be extended by downloading additional plugins. In the recent campaign, the malware is included in RAR archive files.

Government

Government Malware Encryption Hacking

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

companies and government entities. ” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. federal investigators say was the precursor to the Trickbot malware. A New Jersey grand jury indicted Kovalev in 2012 after an investigation by the U.S. The Forbes.ru

Hacking

Hacking Cybercrime Ransomware Government

Unknown APT group is targeting Russian government entities

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the first campaign, attackers distributed a custom malware disguised as an interactive map of Ukraine ( interactive_map_UA.exe ). exe for its malware. SecurityAffairs – hacking, Unknown APT group).

Government

Government Malware Phishing Hacking

Russia-linked Turla APT hacked European government organization

Security Affairs

OCTOBER 29, 2020

Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization.

Government

Government Hacking Advertising Encryption

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government

Government Malware Telecommunications Cybercrime

New malware variant has “radio silence” mode to evade detection

Bleeping Computer

MARCH 7, 2023

The Sharp Panda cyber-espionage hacking group was observed targeting high-profile government entities in Vietnam, Thailand, and Indonesia, using a new version of the 'Soul' malware framework. [.]

Malware

Malware Government Hacking

Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658

Security Boulevard

DECEMBER 13, 2023

The post Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658 appeared first on Security Boulevard. When will it end? Russia takes down Kyivstar cellular system, Ukraine destroys Russian tax system.

Hacking

Hacking Digital transformation Social Engineering Data privacy

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e.

Education

Education Government Business Services Software

Anonymous Hacking Group Targets Russian Government

SecureWorld News

FEBRUARY 25, 2022

Hundreds of executives, cyber influencers, and government officials are offering free tools and assistance to help the Ukrainian government and its people defend against Russian cyberattacks. Aushev's firm, Cyber Unit Technologies, is known for working with Ukraine's government on the defense of critical infrastructure.

Government

Government Hacking Cybersecurity Technology

Stealthy MerDoor malware uncovered after five years of attacks

Bleeping Computer

MAY 15, 2023

A new APT hacking group dubbed Lancefly uses a custom 'Merdoor' backdoor malware to target government, aviation, and telecommunication organizations in South and Southeast Asia. [.]

Malware

Malware Telecommunications Government Hacking

Ukrainian military intelligence service hacked the Russian Federal Taxation Service

Security Affairs

DECEMBER 12, 2023

The Ukrainian government’s military intelligence service announced the hack of the Russian Federal Taxation Service (FNS). “As a result of the cyber attack, all servers received malware. Rosaviatsia is the government agency responsible for the oversight and regulation of civil aviation in Russia.

Hacking

Hacking Cyber Attacks Backups Government

New Agent Raccoon malware targets the Middle East, Africa and the US

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware

Malware DNS Retail Education

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

FEBRUARY 23, 2020

Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. .

Government

Government Malware Advertising Passwords

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

Security Affairs

FEBRUARY 6, 2024

China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. The effects of the attack were limited because of the network segmentation implemented in the government infrastructure. COATHANGER is a stealthy malware that hooks system calls that could reveal its presence.

Malware

Malware Firmware VPN Backups

Irony of Ironies: CISA Hacked — ‘by China’

Security Boulevard

MARCH 11, 2024

The post Irony of Ironies: CISA Hacked — ‘by China’ appeared first on Security Boulevard. Free rides and traffic jams: U.S. Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti.

Hacking

Hacking Cybersecurity Social Engineering Data privacy

US Government Exposes North Korean Malware

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Trending Sources

Security Risks of Government Hacking

Iranian Government Hacking Android

IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian Government

Details on Uzbekistan Government Malware: SandCat

Ukrainian Government Hacked Through Malicious Windows ISO Files

FireEye Hacked

Russian hacking group uses new stealthy Ceeloader malware

Raspberry Robin malware used in attacks against Telecom and Governments

North Korea ATM Hack

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

US Citizen Hacked by Spyware

Canadian government impacted by data breaches of two of its contractors

Fujitsu suffered a malware attack and probably a data breach

Earth Krahang APT breached tens of government organizations worldwide

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

When Your Smart ID Card Reader Comes With Malware

A Stealthy Malware Found on Hacked Pulse Secure Devices

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Skygofree: New Government Malware for Android

SYS01 stealer targets critical government infrastructure

Cyber Attacks Against Middle East Governments Hide Malware in Windows logo

Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Massive iPhone Hack Targets Uyghurs

U.S. authorities charged an Iranian national for long-running hacking campaign

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

PurpleFox malware infected at least 2,000 computers in Ukraine

China-Linked BRONZE PRESIDENT APT targets Government officials worldwide

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Unknown APT group is targeting Russian government entities

Russia-linked Turla APT hacked European government organization

Raspberry Robin malware used in attacks against Telecom and Governments

New malware variant has “radio silence” mode to evade detection

Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Anonymous Hacking Group Targets Russian Government

Stealthy MerDoor malware uncovered after five years of attacks

Ukrainian military intelligence service hacked the Russian Federal Taxation Service

New Agent Raccoon malware targets the Middle East, Africa and the US

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

Irony of Ironies: CISA Hacked — ‘by China’

Stay Connected