Cyberwarfare | Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices | Five Eyes report details 'Infamous Chisel' malware used by Russian state-sponsored hackers to target the Ukrainian military’s Android devices. | Eduard Kovacs | August 31, 2023
Malware & Threats | DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner | The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner. | Eduard Kovacs | August 30, 2023
Malware & Threats | Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device | Mysterious Whiffy Recon malware scans for nearby Wi-Fi access points to obtain the location of the infected device. | Eduard Kovacs | August 24, 2023
Cybercrime | Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer | Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator. | Ionut Arghire | August 21, 2023
Malware & Threats | Thousands of Systems Turned Into Proxy Exit Nodes via Malware | Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware. | Ionut Arghire | August 17, 2023
Malware & Threats | CISA Analyzes Malware Used in Barracuda ESG Attacks | CISA has shared analysis reports on three malware families obtained from an organization hacked via a recent Barracuda ESG vulnerability. | Ionut Arghire | July 31, 2023
Cybercrime | Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware | A threat actor’s real identity was uncovered after they infected their own computer with an information stealer. | Ionut Arghire | July 18, 2023
Malware & Threats | Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware | A threat actor tracked as Lemon Group has control over millions of smartphones distributed worldwide thanks to preinstalled Guerrilla malware. | Eduard Kovacs | May 18, 2023
Malware & Threats | New ‘Lobshot’ hVNC Malware Used by Russian Cybercriminals | Russian cybercrime group TA505 has been observed using new hVNC malware called Lobshot in recent attacks. | Ionut Arghire | May 1, 2023
Malware & Threats | Takedown of GitHub Repositories Disrupts RedLine Malware Operations | Four GitHub repositories used by RedLine stealer control panels were suspended, disrupting the malware’s operations. | Ionut Arghire | April 18, 2023
Malware & Threats | New ‘Domino’ Malware Linked to FIN7 Group, Ex-Conti Members | New Domino backdoor brings together former members of the Conti group and the FIN7 threat actors. | Ionut Arghire | April 18, 2023
Malware & Threats | Microsoft Warns Accounting, Tax Return Preparation Firms of Remcos RAT Attacks | A new Remcos RAT campaign is targeting US accounting and tax return preparation firms as Tax Day approaches. | Ionut Arghire | April 14, 2023