The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government, SentinelOne said in a report … [Read more...] about Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials
Targeting
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
Mar 09, 2023Ravie LakshmananCryptojacking / Threat Detection, The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain commences with successful exploitation of susceptible Oracle WebLogic servers to download a PowerShell … [Read more...] about New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Mar 01, 2023Ravie LakshmananCryptocurrency / Cyber Attack Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware "uses injection techniques to hide within legitimate processes, making it difficult to detect," Uptycs said in a new report. "Once it has been successfully injected, attackers can … [Read more...] about Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies
Feb 21, 2023Ravie LakshmananCyber Threat / Cyber Attack A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that shares overlaps with another actor called … [Read more...] about Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
Feb 17, 2023Ravie LakshmananMobile Security / Cyber Threat Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the "ability to read and … [Read more...] about Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
North Korea’s APT37 Targeting Southern Counterpart with New M2RAT Malware
Feb 15, 2023Ravie LakshmananThreat Intelligence / Malware The North Korea-linked threat actor tracked as APT37 has been linked to a piece of new malware dubbed M2RAT in attacks targeting its southern counterpart, suggesting continued evolution of the group's features and tactics. APT37, also tracked under the monikers Reaper, RedEyes, Ricochet Chollima, and ScarCruft, is … [Read more...] about North Korea’s APT37 Targeting Southern Counterpart with New M2RAT Malware
New Android Banking Trojan Targeting Brazilian Financial Institutions
A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate. "PixPirate belongs to the newest generation of Android banking trojan, as it can … [Read more...] about New Android Banking Trojan Targeting Brazilian Financial Institutions
New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
Jan 04, 2023Ravie LakshmananLinux / Cryptocurrency A new Linux malware developed using the shell script compiler (shc) has been observed deploying a cryptocurrency miner on compromised systems. "It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system," AhnLab … [Read more...] about New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
RedZei Chinese Scammers Targeting Chinese Students in the U.K.
Jan 02, 2023Ravie LakshmananOnline Scam / Cybersecurity Chinese international students in the U.K. have been targeted by persistent Chinese-speaking scammers for over a year as part of an activity dubbed RedZei (aka RedThief). "The RedZei fraudsters have chosen their targets carefully, researched them and realized it was a rich victim group that is ripe for exploitation," … [Read more...] about RedZei Chinese Scammers Targeting Chinese Students in the U.K.
Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
Dec 23, 2022Ravie LakshmananCyber Espionage / Pakistani Hackers A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. ".LNK … [Read more...] about Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials