Dec 29, 2023NewsroomEmail Security / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, … [Read more...] about CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
Malware
Carbanak Banking Malware Resurfaces with New Ransomware Tactics
Dec 26, 2023NewsroomMalware / Cybercrime The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. "Carbanak returned … [Read more...] about Carbanak Banking Malware Resurfaces with New Ransomware Tactics
Rust-Based Malware Targets Indian Government Entities
Dec 22, 2023NewsroomMalware / Cyber Threat Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. "New Rust-based payloads and encrypted … [Read more...] about Rust-Based Malware Targets Indian Government Entities
New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, … [Read more...] about New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders
Dec 14, 2023NewsroomMalware / Cyber Espionage The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET. The attacks also involved … [Read more...] about Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
Dec 02, 2023NewsroomCybercrime / Malware A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. "Dunaev developed browser modifications and malicious … [Read more...] about Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
IMPERIAL KITTEN Deploys Novel Malware Families
CrowdStrike Counter Adversary Operations has been investigating a series of cyberattacks and strategic web compromise (SWC) operations targeting organizations in the transportation, logistics and technology sectors that occurred in October 2023. Based on a detailed examination of the malicious tooling used in these attacks, along with additional reporting and industry reports, … [Read more...] about IMPERIAL KITTEN Deploys Novel Malware Families
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Dec 01, 2023NewsroomMobile Security / Banking Security Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023. "Spreading primarily through messaging services, it combines app-based malware with social … [Read more...] about New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Nov 23, 2023NewsroomMalware / Threat Analysis Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. "The malware itself is split into multiple components, including a loader, injector, downloader and backdoor, and successful requests to C2-controlled servers are often necessary to retrieve the next stage," … [Read more...] about New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns
Nov 22, 2023NewsroomCyber Espionage / Social Engineering North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and Wagemole, … [Read more...] about North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns