Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names Contagious Interview (aka CL-STA-0240), DEV#POPPER, … [Read more...] about North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
Malware
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
Feb 17, 2025Ravie LakshmananEndpoint Security / Malware Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies," the Microsoft Threat … [Read more...] about Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking
Feb 06, 2025Ravie LakshmananCyber Attack / Malware Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan, … [Read more...] about Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking
Researchers Explore Contrastive Learning for Malware Detection
CrowdStrike research shows that contrastive learning improves supervised machine learning results for PE (Portable Executable) malwareApplying self-supervised learning to PE files enhances the effectiveness of machine learning in cybersecurity, which is crucial to address the evolving threat landscapeCrowdStrike researchers engineered a novel loss function to optimize … [Read more...] about Researchers Explore Contrastive Learning for Malware Detection
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
Dec 27, 2024Ravie LakshmananCryptocurrency / Cyber Espionage North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often posing as … [Read more...] about North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case
Dec 23, 2024Ravie LakshmananMachine Learning / Threat Analysis Cybersecurity researchers have found that it's possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. "Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate … [Read more...] about AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case
Detection Logic for Pre-Deployment Malware Scanning
As organizations embrace DevOps practices and CI/CD pipelines to accelerate software delivery, their greater dependency on third-party components can introduce security risks. Because malware can infiltrate an environment during development, it’s important to check for it ahead of deployment. CrowdStrike Falcon® Cloud Security now applies its award-winning sensor … [Read more...] about Detection Logic for Pre-Deployment Malware Scanning
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to … [Read more...] about Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions … [Read more...] about Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend Micro researchers Catherine Loveria, Jovit … [Read more...] about Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware