malware
Have I Been Pwned adds 284M accounts stolen by infostealer malware
The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel. HIBP founder Troy Hunt says he found 284,132,969 compromised accounts while analyzing 1.5TB of stealer logs likely collected from numerous sources and shared on a Telegram channel known as “ALIEN TXTBASE.” “They […]
GitVenom attacks abuse hundreds of GitHub repos to steal crypto
A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and credentials. According to Kaspersky, GitVenom has been active for at least two years, targeting users globally but with an elevated focus on Russia, Brazil, and Turkey. “Over the […]
New Auto-Color Linux backdoor targets North American govts, universities
A previously undocumented Linux backdoor dubbed ‘Auto-Color’ was observed in attacks between November and December 2024, targeting universities and government organizations in North America and Asia. According to Palo Alto Networks’ Unit 42 researchers who discovered the malware, it is highly evasive and difficult to remove from infected systems, capable of maintaining access for extended periods. The […]
SpyLend Android malware downloaded 100,000 times from Google Play
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. The app falls under a group of malicious Android applications called “SpyLoan,” which pretend to be legitimate financial tools or loan services but […]
Chinese hackers use custom malware to spy on US telecom networks
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. Salt Typhoon (aka Earth Estries, GhostEmperor, and UNC2286) is a sophisticated hacking group active since at least 2019, primarily focusing on breaching government entities and telecommunications companies. […]
New FrigidStealer infostealer infects Macs via fake browser updates
The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. The new malware is delivered to Mac users, but the same campaign also uses Windows and Android payloads to cover a broad range of targets. The […]
Cracked Garry’s Mod, BeamNG.drive games infect gamers with miners
A large-scale malware campaign dubbed “StaryDobry” has been targeting gamers worldwide with trojanized versions of cracked games such as Garry’s Mod, BeamNG.drive, and Dyson Sphere Program. These titles are top-rated games with hundreds of thousands of ‘overwhelmingly positive’ reviews on Steam, making them good targets for malicious activity. It’s worth noting that a laced Beamng […]
Microsoft spots XCSSET macOS malware variant used for crypto theft
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users’ sensitive information, including digital wallets and data from the legitimate Notes app. The malware is typically distributed through infected Xcode projects. It has been around for at least five years and each update represents a milestone in XCSSET’s development. The current […]
New FinalDraft malware abuses Outlook mail service for stealthy comms
A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. The attacks were discovered by Elastic Security Labs and rely on a complete toolset that includes a custom malware loader named PathLoader, the FinalDraft backdoor, and multiple post-exploitation utilities. The abuse of Outlook, […]
Malicious PirateFi game infects Steam users with Vidar malware
A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. The title was present in the Steam catalog for almost a week, between February 6th and February 12th, and was downloaded by up to 1,500 users. The distribution service is sending notices to potentially impacted users, […]