article thumbnail

Using Legitimate GitHub URLs for Malware

Schneier on Security

Interesting social-engineering attack vector : McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg.

Malware 280
article thumbnail

PIN-Stealing Android Malware

Schneier on Security

The malware captures any PINs and passwords the victim enters to unlock their device and can later use them to unlock the device at will to perform malicious activities hidden from view.

Malware 258
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

FBI Disables Russian Malware

Schneier on Security

Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.” Presumably we will learn more soon.

Malware 271
article thumbnail

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. MacOS computers include X-Protect , Apple’s built-in antivirus technology.

Malware 265
article thumbnail

Mysterious Macintosh Malware

Schneier on Security

This is weird : Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. Another article.

Malware 342
article thumbnail

Hiding Malware in ML Models

Schneier on Security

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models” Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns. In this paper, we present a method that delivers malware covertly and detection-evadingly through neural network models.

Malware 363
article thumbnail

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

Tech Republic Security

The Androxgh0st malware botnet is used for victim identification and exploitation in targeted networks, as well as credentials collection. Read the FBI/CISA's tips for protecting against this malware threat.

Malware 173