malware
-
Blog
Android malware found on Amazon Appstore disguised as health app
A malicious Android spyware application named ‘BMI CalculationVsn’ was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. The application was discovered by McAfee Labs researchers, who notified Amazon, leading to the application being removed from the store. However, those who installed the app must manually remove it and…
Read More » -
Blog
BadBox malware botnet infects 192,000 Android devices despite disruption
The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. Researchers from BitSight warn that the malware appears to have expanded its targeting scope beyond no-name Chinese Android devices, now infecting more well-known and trusted brands like Yandex TVs and Hisense smartphones. The BadBox…
Read More » -
Blog
Raccoon Stealer malware operator gets 5 years in prison after guilty plea
Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. According to unsealed court documents, Sokolovsky (also known as raccoon-stealer, Photix, and black21jack77777) and his conspirators rented the malware to other threat actors under a MaaS (malware-as-a-service) model for $75 per week or $200 monthly. After infecting a…
Read More » -
Blog
‘Bitter’ cyberspies target defense orgs with new MiyaRAT malware
A cyberespionage threat group known as ‘Bitter’ was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. MiyaRAT is used alongside the WmRAT malware, which is cyberespionage malware previously associated with Bitter. Proofpoint discovered the campaign and reports that the new malware is likely reserved for high-value targets, deployed only sporadically. Bitter is a suspected South Asian…
Read More » -
Blog
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. As a private industry notification (PIN) published on Monday explains, the attackers focus their attacks on Chinese-branded devices that are still waiting for security patches or have already reached the end of life. “In March 2024,…
Read More » -
Blog
.jpg)
Germany blocks BadBox malware loaded on 30,000 Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. The types of impacted devices include digital picture frames, media players and streamers, and potentially smartphones and tablets. BadBox is an Android malware that comes pre-installed in an internet-connected device’s firmware that is used to steal…
Read More » -
Blog
Germany sinkholes BadBox malware pre-loaded on Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. The types of impacted devices include digital picture frames, media players and streamers, and potentially smartphones and tablets. BadBox is an Android malware that comes pre-installed in an internet-connected device’s firmware that is used to steal…
Read More » -
Blog
New IOCONTROL malware used in critical infrastructure attacks
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. Targeted devices include routers, programmable logic controllers (PLCs), human-machine interfaces (HMIs), IP cameras, firewalls, and fuel management systems. The malware’s modular nature makes it capable of compromising a broad spectrum of…
Read More » -
Blog
New stealthy Pumakit Linux rootkit malware spotted in the wild
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. The malware is a multi-component set that includes a dropper, memory-resident executables, a kernel module rootkit, and a shared object (SO) userland rootkit. Elastic Security discovered Pumakit in a suspicious binary (‘cron’) upload on VirusTotal, dated…
Read More » -
Blog
Open source malware surged by 156% in 2024
The growth of open source malware has continued apace in 2024, according to new research, with cyber criminals taking advantage of the proliferation of open source software. A report from software supply chain management firm Sonatype found there was a 156% increase in malicious packages identified on open source repositories over the past year. Sonatype has identified 778,529 malicious open…
Read More »