Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
Aug 23, 2023 | THN | Mobile Security / Cyber Crime
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," cybersecurity firm Cyfirma said in a report published last week. CypherRAT …
Malware
Advanced Linux Malware Targeting South Korean Systems
Aug 05, 2023 | THN | Linux / Malware
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center …
New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
Jul 29, 2023 | THN | Android / Malware
A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal cryptocurrency wallet-related credentials and act …
New ‘Letscall’ Malware Employs Voice Traffic Routing
Jul 07, 2023 | Swati Khandelwal | Mobile Security / Malware
Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from a counterfeit Google …
Malware in the free game Super Mario 3: Mario Forever
We often talk about the perils of downloading pirated versions of games, since they may harbor malware. But they aren’t the only threat. Nasty surprises can pop up in free-to-play games, too, which is what happened just recently with Super Mario 3: Mario Forever. But first things first…
Malware in free-to-play Super Mario 3: Mario Forever
The Super Mario series (aka Super Mario …
New ‘RustBucket’ Malware Variant Targeting macOS Users
Jul 01, 2023 | Ravie Lakshmanan | Endpoint Security / Malware
Researchers have pulled back the curtain on an updated version of an Apple macOS malware called RustBucket that comes with improved capabilities to establish persistence and avoid detection by security software. "This variant of RustBucket, a malware family that targets macOS systems, adds persistence capabilities not …
Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
Jun 23, 2023 | Ravie Lakshmanan | Malware / Cyber Threat
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct is tracking the malware as PindOS, which contains the name in its "User-Agent" string. Both Bumblebee and IcedID serve as loaders, acting as a vector for other malware on compromised …
New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs
Jun 14, 2023 | Ravie Lakshmanan | Cyber Threat / Malware
A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new malware strain tries to steal sensitive information from its victims," Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. "To accomplish this task, it searches for …
How DoubleFinger malware steals crypto
Cryptocurrencies are under attack from all sorts of criminal schemes — from mundane Bitcoin mining scams to grandiose cryptocurrency heists worth hundreds of millions of dollars. For cryptocurrency owners, dangers lurk at literally every turn. Just recently we talked about fake cryptowallets — which look and work just like real ones but eventually steal all your money. Now our …
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
May 26, 2023 | Ravie Lakshmanan | ICS/SCADA Security
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There …