An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. "The threat actor is still active and is releasing more malicious packages," Checkmarx researcher Jossef Harush said in a technical write-up, calling the adversary WASP. "The attack seems related to cybercrime as … [Read more...] about W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack
stealer
Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers' machines with a malware called W4SP Stealer. "The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22," … [Read more...] about Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer
U.S. Charges Ukrainian Hacker Over Role in Raccoon Stealer Malware Service
A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in the Raccoon Stealer malware-as-a-service (MaaS) operation. Mark Sokolovsky, who was arrested by Dutch law enforcement after leaving Ukraine on March 4, 2022, in what's said to be a Porsche Cayenne, is currently being held in the Netherlands and awaits extradition to the U.S. "Individuals who … [Read more...] about U.S. Charges Ukrainian Hacker Over Role in Raccoon Stealer Malware Service
RedLine stealer spreads on YouTube disguised as game cheats
The video game market, with its 3.2-billion-strong audience worldwide, attracts every kind of business under the sun. All sorts of computer devices specially created for gamers are already par for the course, but it went beyond that a long time ago. These days, there is gaming furniture, gaming drinks, gaming you-name-it. Is it any wonder that cybercriminals do not stand idly … [Read more...] about RedLine stealer spreads on YouTube disguised as game cheats
Prynt Stealer Contains a Backdoor to Steal Victims’ Data Stolen by Other Cybercriminals
Researchers discovered a private Telegram channel-based backdoor in the information stealing malware, dubbed Prynt Stealer, which its developer added with the intention of secretly stealing a copy of victims' exfiltrated data when used by other cybercriminals. "While this untrustworthy behavior is nothing new in the world of cybercrime, the victims' data end up in the hands of … [Read more...] about Prynt Stealer Contains a Backdoor to Steal Victims’ Data Stolen by Other Cybercriminals
Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread
A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets. "Mars Stealer is being distributed via social engineering techniques, malspam campaigns, malicious software cracks, and keygens," Morphisec malware researcher Arnold Osipov said in … [Read more...] about Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread
AutoHotkey-Based Password Stealer Targeting US, Canadian Banking Users
Threat actors have been discovered distributing a new credential stealer written in AutoHotkey (AHK) scripting language as part of an ongoing campaign that started early 2020. Customers of financial institutions in the US and Canada are among the primary targets for credential exfiltration, with a specific focus on banks such as Scotiabank, Royal Bank of Canada, HSBC, Alterna … [Read more...] about AutoHotkey-Based Password Stealer Targeting US, Canadian Banking Users
New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data
Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit.In what's the latest tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers."For … [Read more...] about New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data
e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata
In what's one of the most innovative hacking campaigns, cybercrime gangs are now hiding malicious code implants in the metadata of image files to covertly steal payment card information entered by visitors on the hacked websites."We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores," … [Read more...] about e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata
A password stealer is a type of Trojan that hijacks gaming accounts
We often talk about the online threats gamers face, including malware in pirated copies, mods, and cheats, not to mention phishing and all kinds of scams when buying or exchanging in-game items. And not long ago, we looked at problems with buying accounts. Fortunately, it’s easy to avoid those threats if you know about them. But here’s another problem you need to know about and … [Read more...] about A password stealer is a type of Trojan that hijacks gaming accounts