Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices," Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi said in an analysis … [Read more...] about Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan
Spotted
Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion
A Chinese-speaking threat actor called Scarab has been linked to a custom backdoor dubbed HeaderTip as part of a campaign targeting Ukraine since Russia embarked on an invasion last month, making it the second China-based hacking group after Mustang Panda to capitalize on the conflict. "The malicious activity represents one of the first public examples of a Chinese threat actor … [Read more...] about Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion
Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware
A China-based advanced persistent threat (APT) known as Mustang Panda has been linked to an ongoing cyberespionage campaign using a previously undocumented variant of the PlugX remote access trojan on infected machines. Slovak cybersecurity firm ESET dubbed the new version Hodur, owing to its resemblance to another PlugX (aka Korplug) variant called THOR that came to light in … [Read more...] about Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware
Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the "most advanced UEFI firmware implant discovered in the wild to date," adding "the … [Read more...] about Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
A New Rust-based Ransomware Malware Spotted in the Wild
Details have emerged about what's the first Rust-language-based ransomware strain spotted in the wild that has already amassed "some victims from different countries" since its launch last month. The ransomware, dubbed BlackCat, was disclosed by MalwareHunterTeam. "Victims can pay with Bitcoin or Monero," the researchers said in a series of tweets detailing the file-encrypting … [Read more...] about A New Rust-based Ransomware Malware Spotted in the Wild
Hackers Spotted Using Morse Code in Phishing Attacks to Evade Detection
Microsoft has disclosed details of an evasive year-long social engineering campaign wherein the operators kept changing their obfuscation and encryption mechanisms every 37 days on average, including relying on Morse code, in an attempt to cover their tracks and surreptitiously harvest user credentials. The phishing attacks take the form of invoice-themed lures mimicking … [Read more...] about Hackers Spotted Using Morse Code in Phishing Attacks to Evade Detection
Researchers Spotted Malware Written in Nim Programming Language
Cybersecurity researchers have unwrapped an "interesting email campaign" undertaken by a threat actor that has taken to distributing a new malware written in Nim programming language. Dubbed "NimzaLoader" by Proofpoint researchers, the development marks one of the rare instances of Nim malware discovered in the threat landscape. "Malware developers may choose to use a rare … [Read more...] about Researchers Spotted Malware Written in Nim Programming Language
FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in … [Read more...] about FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
North Korean Hackers Spotted Using New Multi-Platform Malware Framework
Lazarus Group, the notorious hacking group with ties to the North Korean regime, has unleashed a new multi-platform malware framework with an aim to infiltrate corporate entities around the world, steal customer databases, and distribute ransomware.Capable of targeting Windows, Linux, and macOS operating systems, the MATA malware framework — so-called because of the authors' … [Read more...] about North Korean Hackers Spotted Using New Multi-Platform Malware Framework
First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild
Cybersecurity researchers have spotted a new cyberattack, which is believed to be the very first but amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining.In May this year, Microsoft released a patch for a highly-critical remote code execution flaw in the Windows Remote Desktop Services, … [Read more...] about First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild