trojan

Windows users targeted with fake human verification pages delivering malware

Windows users targeted with fake human verification pages delivering malware 2024-09-19 at 17:01 By Zeljka Zorz For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification […]

React to this headline:

Loading spinner

Windows users targeted with fake human verification pages delivering malware Read More »

The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government

The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government 2024-09-04 at 17:01 By Cyble Key takeaways  Overview  Cyble Research and Intelligence Lab (CRIL) has recently discovered a campaign involving malicious ISO files, targeting political figures and government officials within Malaysia. The initial infection vector for this campaign is unclear. The ISO file is crafted with

React to this headline:

Loading spinner

The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government Read More »

New SOHO router malware aims for cloud accounts, internal company resources

New SOHO router malware aims for cloud accounts, internal company resources 2024-05-02 at 14:46 By Zeljka Zorz Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket and other cloud-based services. “With the stolen key material, the

React to this headline:

Loading spinner

New SOHO router malware aims for cloud accounts, internal company resources Read More »

Brokewell: A New Android Banking Trojan Targeting Users In Germany

Brokewell: A New Android Banking Trojan Targeting Users In Germany 2024-04-25 at 19:32 By neetha871ad236bd Key Takeaways Overview Mobile banking has become increasingly prevalent in recent years, offering users convenient access to financial services at their fingertips. However, with this convenience comes the risk of cyber threats targeting mobile devices, such as Android Banking Trojans.

React to this headline:

Loading spinner

Brokewell: A New Android Banking Trojan Targeting Users In Germany Read More »

The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey? 

The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey?  2024-02-19 at 12:46 By neetha871ad236bd CRIL analyzes the Brazilian CriminalMW Group’s activities and their rebranding tactics. The post The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey?  appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey?  Read More »

iOS users beware: GoldPickaxe trojan steals your facial data

iOS users beware: GoldPickaxe trojan steals your facial data 2024-02-15 at 12:16 By Help Net Security Group-IB uncovered a new iOS trojan designed to steal users’ facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe.iOS by Group-IB’s Threat Intelligence unit, has been attributed to a Chinese-speaking threat actor codenamed GoldFactory, responsible for

React to this headline:

Loading spinner

iOS users beware: GoldPickaxe trojan steals your facial data Read More »

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication 2024-02-01 at 08:17 By neetha871ad236bd Cyble analyzes GreenBean, a new Android Banking Trojan leveraging Simple RealTime Server (SRS) for C&C Communication The post Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication appeared first on Cyble. The post

React to this headline:

Loading spinner

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication Read More »

Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files

Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files 29/11/2023 at 15:02 By cybleinc CRIL analyzes a new Java-based RAT – SAW that infiltrates users’ systems via LNK files. The post Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files appeared first on Cyble. This article is an excerpt from Cyble

React to this headline:

Loading spinner

Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files Read More »

New Persian Remote World Selling  a Suite of Malicious Tools

New Persian Remote World Selling  a Suite of Malicious Tools 23/11/2023 at 11:46 By cybleinc CRIL analyzes a new website – Persian Remote World – selling malicious software, including RATs and Malware loaders, for monetary gain. The post New Persian Remote World Selling  a Suite of Malicious Tools appeared first on Cyble. This article is

React to this headline:

Loading spinner

New Persian Remote World Selling  a Suite of Malicious Tools Read More »

Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features

Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features 18/09/2023 at 18:09 By cybleinc Cyble Research and Intelligence Labs analyzes the Emerging PySilon Discord RAT and Explores its Versatile functionalities. The post Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Loading spinner

Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features Read More »

The rise and evolution of supply chain attacks

The rise and evolution of supply chain attacks 13/09/2023 at 07:03 By Help Net Security A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, Dick O’Brien, Principal Intelligence Analyst in the Symantec Threat Hunter team, discusses

React to this headline:

Loading spinner

The rise and evolution of supply chain attacks Read More »

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure 25/08/2023 at 15:36 By Helga Labus North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address

React to this headline:

Loading spinner

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure Read More »

STRRAT’s Latest Version Incorporates Dual Obfuscation Layers

STRRAT’s Latest Version Incorporates Dual Obfuscation Layers 09/08/2023 at 22:02 By rohansinhacyblecom   Key Takeaways   • The blog highlights a new infection technique for distributing STRRAT version 1.6. It involves a spam email with a PDF attachment that, when opened, downloads a zip file containing the malicious JavaScript, which drops STRRAT. • STRRAT version

React to this headline:

Loading spinner

STRRAT’s Latest Version Incorporates Dual Obfuscation Layers Read More »

Threat Actor Targeting Developers via Trojanized MS Visual Studio

Threat Actor Targeting Developers via Trojanized MS Visual Studio 25/07/2023 at 18:06 By cybleinc CRIL examines a Trojanized Visual Studio installer that deploys a Cookie Stealer and utilizes Telegram for data exfiltration. The post Threat Actor Targeting Developers via Trojanized MS Visual Studio appeared first on Cyble. This article is an excerpt from Cyble View

React to this headline:

Loading spinner

Threat Actor Targeting Developers via Trojanized MS Visual Studio Read More »

Trojanized Application Preying on TeamViewer Users

Trojanized Application Preying on TeamViewer Users 13/07/2023 at 14:32 By cybleinc Cyble Research & Intelligence Labs analyzes a trojanized version of the TeamViewer application and how it distributes njRAT. The post Trojanized Application Preying on TeamViewer Users appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Trojanized Application Preying on TeamViewer Users Read More »

Trojanized Super Mario Game Installer Spreads SupremeBot Malware

Trojanized Super Mario Game Installer Spreads SupremeBot Malware 23/06/2023 at 15:24 By cybleinc Cyble analyzes SupremeBot, a crypto-mining client leveraging a trojanized Super Mario game installer to spread Umbral stealer malware. The post Trojanized Super Mario Game Installer Spreads SupremeBot Malware appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Loading spinner

Trojanized Super Mario Game Installer Spreads SupremeBot Malware Read More »

Qakbot: The trojan that just won’t go away

Qakbot: The trojan that just won’t go away 02/06/2023 at 11:33 By Helga Labus Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending adaptability of this threat is key to its long-term survival and success. “Qakbot operators tend to reduce or

React to this headline:

Loading spinner

Qakbot: The trojan that just won’t go away Read More »

Legitimate Android app transforms into data-snooping malware

Legitimate Android app transforms into data-snooping malware 24/05/2023 at 11:16 By Help Net Security ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality most likely added in August 2022. During its existence, the app was

React to this headline:

Loading spinner

Legitimate Android app transforms into data-snooping malware Read More »

Scroll to Top