15 Nov, 2024

New Vo1d malware infects 1.3 million Android streaming boxes

Threat actors have infected over 1.3 million TV streaming boxes running Android with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. The Android Open Source Project (AOSP) is an open source operating system led by Google that can be used on mobile, streaming, and IoT devices. In a new […]

4 mins read

Chinese hackers use new data theft malware in govt attacks

New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. Researchers found that the hackers are using a variant of the HIUPAN worm to deliver the PUBLOAD malware stager through removable […]

3 mins read

SpyAgent Android malware steals your crypto recovery phrases from images

A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device. A cryptocurrency recovery phrase, or seed phrase, is a series of 12-24 words that acts as a backup key for a cryptocurrency wallet. These phrases are used to restore access […]

3 mins read

GitHub comments abused to spread Lumma Stealer malware as fake fixes

GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. The campaign was first reported by a contributor to the teloxide rust library, who noted on Reddit that they received five different comments in their GitHub issues that pretended to be fixes but were instead pushing malware. Further review by GeekFeed […]

2 mins read

North Korean hackers exploit Chrome zero-day to deploy rootkit

North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. “We assess with high confidence that the observed exploitation of CVE-2024-7971 can be attributed to a North Korean threat actor targeting the cryptocurrency sector for financial gain,” Microsoft said on Friday, […]

3 mins read

Microsoft Sway abused in massive QR code phishing campaign

A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. The attacks were spotted by Netskope Threat Labs in July 2024 after detecting a dramatic 2,000-fold increase in attacks exploiting Microsoft Sway to host phishing […]

2 mins read

Happy 33rd Birthday, Linux!

Today is August 25th, which means that Linux turns 33 years old. Grab a glass of your favorite beverage and join me in celebrating the 33rd birthday of Linux! On August 25th, 1991, the 21-year-old Finnish student Linus Benedict Torvalds made his now-famous announcement on the comp.os.minix newsgroup that he’s working on a free operating system for 386(486) […]

2 mins read

Qilin ransomware now steals credentials from Chrome browsers

The Qilin ransomware group has been using a new tactic, deploying a custom stealer to harvest account credentials stored in the Google Chrome browser. The credential-harvesting technique was observed by the Sophos X-Ops team during incident response engagements and marks an alarming change on the ransomware scene. Attack overview The attack that Sophos researchers analyzed […]

3 mins read

New NGate Android malware uses NFC chip to steal credit card data

A new Android malware named NGate can steal money from payment cards by relaying the data read by the phone's near-field communication (NFC) chip to an attacker's device. Specifically, NGate enables attackers to emulate victims' cards and make unauthorized payments or withdraw cash from ATMs. The campaign has been active since November 2023 and is linked to a recent report […]

5 mins read