trojan

Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor

2024-12-10 at 16:00 By rohansinhacyblecom

On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage […]


Head Mare Group Intensifies Attacks on Russia with PhantomCore RAT

2024-12-10 at 15:03 By rohansinhacyblecom

On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage


Notorious Ursnif Banking Trojan Uses Stealthy Memory Execution to Avoid Detection

2024-11-25 at 18:33 By daksh sharma

CRIL recently identified an active malicious campaign utilizing a malicious LNK file as the initial infection vector, delivered within a ZIP archive, potentially through spam emails. This LNK file is cleverly disguised as a PDF,


Windows users targeted with fake human verification pages delivering malware

2024-09-19 at 17:01 By Zeljka Zorz

For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification


The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government

2024-09-04 at 17:01 By Cyble

Cyble Research and Intelligence Lab (CRIL) has recently discovered a campaign involving malicious ISO files, targeting political figures and government officials within Malaysia. The initial infection vector for this campaign is unclear. The ISO file is crafted with


New SOHO router malware aims for cloud accounts, internal company resources

2024-05-02 at 14:46 By Zeljka Zorz

Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket and other cloud-based services. “With the stolen key material, the


Brokewell: A New Android Banking Trojan Targeting Users In Germany

2024-04-25 at 19:32 By neetha871ad236bd

Mobile banking has become increasingly prevalent in recent years, offering users convenient access to financial services at their fingertips. However, with this convenience comes the risk of cyber threats targeting mobile devices, such as Android Banking Trojans.


The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey? 

2024-02-19 at 12:46 By neetha871ad236bd

CRIL analyzes the Brazilian CriminalMW Group’s activities and their rebranding tactics. The post The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey? appeared first on Cyble.


iOS users beware: GoldPickaxe trojan steals your facial data

2024-02-15 at 12:16 By Help Net Security

Group-IB uncovered a new iOS trojan designed to steal users’ facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe.iOS by Group-IB’s Threat Intelligence unit, has been attributed to a Chinese-speaking threat actor codenamed GoldFactory, responsible for


Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication

2024-02-01 at 08:17 By neetha871ad236bd

Cyble analyzes GreenBean, a new Android Banking Trojan leveraging Simple RealTime Server (SRS) for C&C Communication. The post Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication appeared first on Cyble.


Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files

29/11/2023 at 15:02 By cybleinc

CRIL analyzes a new Java-based RAT – SAW that infiltrates users’ systems via LNK files. The post Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files appeared first on Cyble.


New Persian Remote World Selling a Suite of Malicious Tools

23/11/2023 at 11:46 By cybleinc

CRIL analyzes a new website – Persian Remote World – selling malicious software, including RATs and Malware loaders, for monetary gain. The post New Persian Remote World Selling a Suite of Malicious Tools appeared first on Cyble.


Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features

18/09/2023 at 18:09 By cybleinc

Cyble Research and Intelligence Labs analyzes the Emerging PySilon Discord RAT and Explores its Versatile functionalities. The post Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features appeared first on Cyble.


The rise and evolution of supply chain attacks

13/09/2023 at 07:03 By Help Net Security

A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, Dick O’Brien, Principal Intelligence Analyst in the Symantec Threat Hunter team, discusses


Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure

25/08/2023 at 15:36 By Helga Labus

North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address


STRRAT’s Latest Version Incorporates Dual Obfuscation Layers

09/08/2023 at 22:02 By rohansinhacyblecom

Key Takeaways

• The blog highlights a new infection technique for distributing STRRAT version 1.6. It involves a spam email with a PDF attachment that, when opened, downloads a zip file containing the malicious JavaScript, which drops STRRAT.
• STRRAT version


Threat Actor Targeting Developers via Trojanized MS Visual Studio

25/07/2023 at 18:06 By cybleinc

CRIL examines a Trojanized Visual Studio installer that deploys a Cookie Stealer and utilizes Telegram for data exfiltration. The post Threat Actor Targeting Developers via Trojanized MS Visual Studio appeared first on Cyble.


Trojanized Application Preying on TeamViewer Users

13/07/2023 at 14:32 By cybleinc

Cyble Research & Intelligence Labs analyzes a trojanized version of the TeamViewer application and how it distributes njRAT. The post Trojanized Application Preying on TeamViewer Users appeared first on Cyble.


Trojanized Super Mario Game Installer Spreads SupremeBot Malware

23/06/2023 at 15:24 By cybleinc

Cyble analyzes SupremeBot, a crypto-mining client leveraging a trojanized Super Mario game installer to spread Umbral stealer malware. The post Trojanized Super Mario Game Installer Spreads SupremeBot Malware appeared first on Cyble.


Qakbot: The trojan that just won’t go away

02/06/2023 at 11:33 By Helga Labus

Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – was first observed in 2007 and is active to this day. The never-ending adaptability of this threat is key to its long-term survival and success. “Qakbot operators tend to reduce or

