ShroudedSnooper’s HTTPSnoop Backdoor Targets Middle East Telecom Companies
Sep 19, 2023 | THN | Malware / Cyber Threat
Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop. "HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests …
New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services
Sep 18, 2023 | THN | Cloud Security / Cryptocurrency
A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig. "The AMBERSQUID operation was …
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Sep 05, 2023 | THN | Cyber Threat / Malware
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in …
Russian State-Backed ‘Infamous Chisel’ Android Malware Targets Ukrainian Military
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian state-sponsored actor called Sandworm, has capabilities to "enable unauthorized access to …
Cybercrime Group ‘Muddled Libra’ Targets BPO Sector with Advanced Social Engineering
Jun 23, 2023 | Ravie Lakshmanan | Social Engineering / Phishing
A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that leverage advanced social engineering ploys to gain initial access. "The attack style defining Muddled Libra appeared on the cybersecurity radar in late 2022 with the release of the 0ktapus …
Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor
Jun 21, 2023 | Ravie Lakshmanan | Cyber Threat / APT
Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets included a government finance …
Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
May 30, 2023 | Ravie Lakshmanan | Mobile Security / Android
A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign. The malware is distributed via social media and messaging platforms under the guise of legitimate applications like Opera Mini, OpenAI ChatGPT, and Premium versions of …
Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
Apr 03, 2023 | Ravie Lakshmanan | United States
A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in …
New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
Dec 29, 2022 | Ravie Lakshmanan | Online Security / Malvertising
Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of Google …
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
Dec 10, 2022 | Ravie Lakshmanan | Hack-for-Hire / Threat Intelligence
Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial investment institutions in the Middle East and Europe. The attacks targeting law firms throughout 2020 and 2021 involved a revamped variant of a malware called Janicab that …