Tag: malware
-
Russian FSB Hackers Deploy New Lostkeys Malware
Malware Targets Western Officials, NGOs and Journalists. Russian cyber espionage hackers are using a new malware strain dubbed Lostkeys in a targeted espionage campaign aimed at Western officials, NGOs and journalists. Google researchers attribute Lostkeys to the threat group Coldriver, an operational unit within the Federal Security Service. First seen on govinfosecurity.com Jump to article:…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: iClicker site hack targeted students with malware via fake CAPTCHA; New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms; Backdoor found in popular ecommerce components; Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH…
-
iClicker site hack targeted students with malware via fake CAPTCHA
The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and instructors into installing malware on their devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
-
Fake Ads for Cryptocurrencies: Cristiano Ronaldo Malvertising for Binance
Current campaigns using fake ads for cryptocurrencies. Advanced cloaking techniques in use. Experts at Bitdefender Labs are observing current malvertising campaigns on Facebook. The vehicles for the malware attacks are primarily well-known cryptocurrency sites such as Binance, Trading View, ByBit, SolFlare, MetaMask, Gate.io or MEXC. The purported brand ambassadors are influencers and celebrities such as Elon Musk or Cristiano Ronaldo. The… First…
-
Google warns of Russian hackers ColdRiver wielding new malware tools
First seen on scworld.com Jump to article: www.scworld.com/news/google-warns-of-russian-hackers-coldriver-wielding-new-malware-tools
-
Fake AI video generators drop new Noodlophile infostealer malware
Fake AI-powered video generation tools are being used to distribute a new information-stealing malware family called ‘Noodlophile,’ under the guise of generated media content. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-ai-video-generators-drop-new-noodlophile-infostealer-malware/
-
North Korea’s OtterCookie Malware Added a New Feature to Attack Windows, Linux, and macOS
A North Korea-linked attack group, known as WaterPlum (also referred to as Famous Chollima or PurpleBravo), has been actively targeting financial institutions, cryptocurrency operators, and FinTech companies globally. Since 2023, their infamous Contagious Interview campaign has utilized malware such as BeaverTail and InvisibleFerret to infiltrate systems. However, in September 2024, WaterPlum introduced a sophisticated new…
-
Echo Effect: New Cyber Weapon Forces Malware to Self-Destruct
First seen on t3n.de Jump to article: t3n.de/news/malware-selbstzerstoerung-mit-echo-tool-1686660/
-
ICE’s Deportation Airline Hack Reveals Man ‘Disappeared’ to El Salvador
Plus: A DOGE operative’s laptop reportedly gets infected with malware, Grok AI is used to “undress” women on X, a school software company’s ransomware nightmare returns, and more. First seen on wired.com Jump to article: www.wired.com/story/ices-deportation-airline-hack-reveals-man-disappeared-to-el-salvador/
-
Microsoft Listens to Security Concerns and Delays New OneDrive Sync
Tags: corporate, cybersecurity, data, malware, microsoft, privacy, risk, service, software, vulnerability
Misuse of the newly announced Microsoft OneDrive synchronization feature puts corporate security and personal privacy at serious risk in ways not likely understood by the users. Microsoft wants people to connect their personal OneDrive file share with their work systems, synchronizing potentially private files onto their enterprise managed PCs. The problem is having these files…
-
FBI warns that end of life devices are being actively targeted by threat actors
Tags: access, antivirus, attack, authentication, botnet, china, cisco, control, credentials, cve, data-breach, exploit, firewall, firmware, Hardware, identity, infection, intelligence, Internet, malware, network, password, router, sans, service, software, technology, threat, tool, update, vulnerability
Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550, WRT320N, WRT310N, WRT610N; Cradlepoint E100; Cisco M10. Threat actors, notably Chinese state-sponsored actors, are successfully exploiting known vulnerabilities in routers exposed to the web through pre-installed remote management software, according to the FBI. They then install malware, set up a botnet, and sell proxy services or launch coordinated attacks. “The…
-
OpenText Report Shines Spotlight on Malware Infection Rates
A 2025 cybersecurity threat report based on analysis of data collected from tens of millions of endpoints by OpenText shows that the malware infection rate for business PCs now stands at 2.39%, with 87% of that malware being based on some type of variant that was specifically created to evade detection by cybersecurity tools. First…
-
OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new findings, said the attackers have “actively and continuously” updated the malware, introducing versions v3 and v4…
-
New Stealthy .NET Malware Hiding Malicious Payloads Within Bitmap Resources
Cybersecurity researchers at Palo Alto Networks’ Unit 42 have uncovered a novel obfuscation method employed by threat actors to conceal malware within bitmap resources of seemingly benign 32-bit .NET applications. This advanced steganography technique embeds malicious payloads in bitmap files, initiating a multi-stage infection chain that ultimately delivers destructive malware families such as Agent Tesla,…
-
Hackers Weaponizing Facebook Ads to Deploy Multi-Stage Malware Attacks
A persistent and highly sophisticated malvertising campaign on Facebook has been uncovered by Bitdefender Labs, exploiting the trust associated with major cryptocurrency exchanges to distribute multi-stage malware. This ongoing operation, active for several months as of May 2025, leverages advanced evasion techniques, mass brand impersonation, and user-tracking mechanisms to bypass conventional security defenses. By impersonating…
-
Cristiano Ronaldo Malvertising for Binance
Experts at Bitdefender Labs are observing current malvertising campaigns on Facebook. The vehicles for the malware attacks are primarily well-known cryptocurrency sites such as Binance, Trading View, ByBit, SolFlare, MetaMask, Gate.io or MEXC. The purported brand ambassadors are influencers and celebrities such as Elon Musk or Cristiano Ronaldo. The cybercriminals behind the malware campaigns use advanced techniques to disguise themselves.…
-
Fake AI platforms deliver malware disguised as video content
A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/09/fake-ai-platforms-deliver-malware/
-
Hackers Target IT Admins by Poisoning SEO to Push Malware to Top Search Results
Cybercriminals are increasingly targeting IT administrators through sophisticated Search Engine Optimization (SEO) poisoning techniques. By leveraging SEO tactics typically used for legitimate online marketing, attackers manipulate search engine rankings to push malicious websites to the top of results on platforms like Google. Disguised as trusted tools, these malicious payloads trick even seasoned admins into downloading…
-
Cybercriminal services target end-of-life routers, FBI warns
The FBI warns that attackers are using end-of-life routers to deploy malware and turn them into proxies sold on 5Socks and Anyproxy networks. The FBI released a FLASH alert warning about 5Socks and Anyproxy malicious services targeting end-of-life (EOL) routers. Attackers target EoL devices to deploy malware by exploiting vulnerabilities and create botnets for attacks…
-
Russia-linked ColdRiver used LostKeys malware in recent attacks
Tags: apt, attack, cyberespionage, espionage, google, government, group, intelligence, malware, russia, threat
Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations. Google’s Threat Intelligence Group discovered LOSTKEYS, a new malware used by Russia-linked APT COLDRIVER, in recent attacks to steal files and gather system info. The ColdRiver APT (aka “Seaborgium”, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group…
-
FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers
The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fbi-cybercrime-obsolete-routers/
-
China-Backed Hackers Target Exiled Uyghur Community with Malicious Software
Senior members of the World Uyghur Congress (WUC) living in exile were targeted with a sophisticated spearphishing campaign delivering malware through a seemingly legitimate Uyghur language text editor. The attack, which began preparation nearly a year ago, represents another chapter in China’s ongoing digital transnational repression campaign against the Uyghur diaspora. While the malware itself…
-
Credentials: DOGE Employee’s Passwords Stolen via Malware
A private email address belonging to a DOGE employee is reported to appear in 51 known data leaks. In addition, his credentials have turned up in several stealer logs. First seen on golem.de Jump to article: www.golem.de/news/zugangsdaten-infostealer-malware-erbeutet-passwoerter-von-doge-mitarbeiter-2505-196043.html
-
TheMoon Malware Targets Aging Routers, FBI Issues Alert
The Federal Bureau of Investigation (FBI) has issued a warning about the TheMoon malware. The warning also stresses the First seen on thecyberexpress.com Jump to article: thecyberexpress.com/fbi-warns-of-themoon-malware/
-
“CISOs speak the language of business today”
Nick Godfrey, head of the Office of the CISO at Google Cloud. As Senior Director and head of the Office of the CISO at Google Cloud, Nick Godfrey’s task is to support the company in the exchange among CISOs on cloud and security topics. Godfrey, himself a former security chief at a financial services provider, leads…
-
Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024. “NETXLOADER is a new .NET-based loader that plays a critical role in cyber attacks,” Trend Micro researchers Jacob Santos, Raymart Yambot, John…
-
FBI: End-of-life routers hacked for cybercrime proxy networks
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-end-of-life-routers-hacked-for-cybercrime-proxy-networks/
-
Novel malware used in West-targeted COLDRIVER intrusions
Tags: malware
First seen on scworld.com Jump to article: www.scworld.com/brief/novel-malware-used-in-west-targeted-coldriver-intrusions