article thumbnail

Hiding Malware in ML Models

Schneier on Security

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models” Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns. In this paper, we present a method that delivers malware covertly and detection-evadingly through neural network models.

Malware 363
article thumbnail

Perfectl Malware

Schneier on Security

Perfectl in an impressive piece of malware: The malware has been circulating since at least 2021. The researchers are calling the malware Perfctl, the name of a malicious component that surreptitiously mines cryptocurrency. The naming convention is one of the many ways the malware attempts to escape notice of infected users.

Malware 232
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Using Legitimate GitHub URLs for Malware

Schneier on Security

Interesting social-engineering attack vector : McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg.

Malware 315
article thumbnail

FBI Disables Russian Malware

Schneier on Security

Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.” Presumably we will learn more soon.

Malware 308
article thumbnail

ChatGPT-Written Malware

Schneier on Security

I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. “It’s still too early to decide whether or not ChatGPT capabilities will become the new favorite tool for participants in the Dark Web,” company researchers wrote.

Malware 66
article thumbnail

PIN-Stealing Android Malware

Schneier on Security

The malware captures any PINs and passwords the victim enters to unlock their device and can later use them to unlock the device at will to perform malicious activities hidden from view.

Malware 295
article thumbnail

New Linux Cryptomining Malware

Schneier on Security

It’s pretty nasty : The malware was dubbed “ Shikitega ” for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to “mutate” its code to avoid detection.

Malware 302