malware
Blog
This potent malware variant can hijack your Windows PC, steal passwords, and more: Neptune RAT is spreading on GitHub, Telegram, and even YouTube – and experts warn ‘anyone could use it to launch attacks’
A new version of the Neptune RAT malware has emerged, security researchers have warned, and is spreading on GitHub, Telegram, and even YouTube. The remote access trojan is ‘an extremely serious threat’ being offered on the ransomware-as-a-service model, according to researchers at Cyfirma. Affecting Windows devices, it hijacks Chromium-based browsers including Chrome, Brave, and Opera using a Chromium.dll attack that…
Blog
Police detains Smokeloader malware customers, seizes servers
In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet’s customers and detained at least five individuals. During Operation Endgame last year, more than 100 servers used by major malware loader operations (e.g. IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, SystemBC) were seized. In a press release today, Europol informs that the operation continues as law enforcement officers analyze the…
Blog
Fake Microsoft Office add-in tools push malware via SourceForge
Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims’ computers to both mine and steal cryptocurrency. SourceForge.net is a legitimate software hosting and distribution platform that also supports version control, bug tracking, and dedicated forums/wikis, making it very popular among open-source project communities. Although its open project submission model gives plenty of margin for…
Blog
Neptune RAT malware is hijacking Windows PCs, holding them for ransom and stealing passwords
Cybercriminals are currently using a new malware strain that’s been dubbed the “Most Advanced RAT” (or remote access trojan) ever to infect vulnerable Windows PCs to steal crypto and passwords as well as hold them for ransom. As reported by Cybernews, the Neptune RAT is currently making the rounds online and this dangerous malware shouldn’t be ignored. This is…
Blog
Revealing a Sophisticated Malware Delivery Chain
The Acronis Threat Research Unit (TRU) was presented with an interesting threat chain and malware sample for analysis that involved a known cyberthreat along with some interesting twists in targeting and obfuscation. In this article, we’ll dissect the complex malware delivery chain and tactics. The focus will be on a multi-stage infection process involving Visual Basic Script (VBS), a batch…
Blog
Infostealer malware: What’s the threat to businesses?
Infostealers have been around for some time but recently they’ve been making headlines. This targeted malware, created to compromise the systems of victims and exfiltrate sensitive information, is on the rise and poses an active threat to all businesses. A recent report found that infostealers exposed billions of credentials in 2024, with KELA Cyber Threat Intelligence measuring 4.3 million machines…
Blog
New Crocodilus malware steals Android users’ crypto wallet keys
A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. Although Crocodilus is a new banking malware, it features fully developed capabilities to take control of the device, harvest data, and control it remotely. Researchers at fraud prevention company ThreatFabric say that the malware…
Blog
Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection
New Android malware is using Microsoft’s .NET MAUI to fly under the radar in a new cybersecurity dust-up this week. Disguised as actual services such as banking and social media apps targeting Indian and Chinese-speaking users, the malware is designed to gain access to sensitive information.…
Blog
Chinese FamousSparrow hackers deploy upgraded malware in attacks
A China-linked cyberespionage group known as ‘FamousSparrow’ was observed using a new modular version of its signature backdoor ‘SparrowDoor’ against a US-based trade organization. The activity and new malware version were observed by security researchers at ESET, who found evidence the threat actor has been more active than initially thought since its last operations were exposed in 2022. Apart from the financial…
Blog
Microsoft Trusted Signing service abused to code-sign malware
Cybercriminals are abusing Microsoft’s Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates as they can be used to sign malware to appear like they are from a legitimate company. Signed malware also has the advantage of potentially bypassing security filters that would normally block unsigned executables, or at least treat…