Search Results for: malware
CISA warns of Windows flaw used in infostealer malware attacks
CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group. The vulnerability (CVE-2024-43461) was disclosed during this month’s Patch Tuesday, and Microsoft initially classified it as not exploited in attacks. However, Microsoft updated the advisory on Friday to confirm that it […]
Malware locks browser in kiosk mode to steal Google credentials
A malware campaign uses the unusual method of locking users in their browser’s kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware. Specifically, the malware “locks” the user’s browser on Google’s login page with no obvious way to close the window, as the malware also blocks the “ESC” and […]
New Linux malware Hadooken targets Oracle WebLogic servers
Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named “Hadooken,” which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. The access obtained may also be used to execute ransomware attacks on Windows systems. Researchers at container security solution company Aqua Security observed such an attack on a […]
New Vo1d malware infects 1.3 million Android streaming boxes
Threat actors have infected over 1.3 million TV streaming boxes running Android with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. The Android Open Source Project (AOSP) is an open source operating system led by Google that can be used on mobile, streaming, and IoT devices. In a new […]
Chinese hackers use new data theft malware in govt attacks
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. Researchers found that the hackers are using a variant of the HIUPAN worm to deliver the PUBLOAD malware stager through removable […]
SpyAgent Android malware steals your crypto recovery phrases from images
A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device. A cryptocurrency recovery phrase, or seed phrase, is a series of 12-24 words that acts as a backup key for a cryptocurrency wallet. These phrases are used to restore access […]
GitHub comments abused to spread Lumma Stealer malware as fake fixes
GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. The campaign was first reported by a contributor to the teloxide rust library, who noted on Reddit that they received five different comments in their GitHub issues that pretended to be fixes but were instead pushing malware. Further review by GeekFeed […]
New Voldemort malware abuses Google Sheets to store stolen data
A new malware campaign is spreading a previously undocumented backdoor named “Voldemort” to organizations worldwide, impersonating tax agencies from the U.S., Europe, and Asia. As per a Proofpoint report, the campaign started on August 5, 2024, and has disseminated over 20,000 emails to over 70 targeted organizations, reaching 6,000 in a single day at the […]
Malware exploits 5-year-old zero-day to infect end-of-life IP cameras
The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. The flaw, discovered by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 score: 8.7) issue in the “brightness” function […]
Malware infiltrates Pidgin messenger’s official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks. The plugin was promoted as a screen-sharing tool for secure Off-The-Record (OTR) protocol and was available for […]