malware
Fake AI editor ads on Facebook push password-stealing malware
A Facebook malvertising campaign targets users searching for AI image editing tools and steals their credentials by tricking them into installing fake apps that mimic legitimate software. The attackers exploit the popularity of AI-driven image-generation tools by creating malicious websites that closely resemble legitimate services and trick potential victims into infecting themselves with information stealer […]
Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. Zimperium researchers discovered the operation and have been tracking it since February 2022. They report finding at least 107,000 distinct malware samples associated with the campaign. The cybercriminals are motivated […]
Dark Angels ransomware receives record-breaking $75 million ransom
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. “In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amount— an achievement that’s bound to attract the interest of other attackers looking […]
Android spyware ‘Mandrake’ hidden in apps on Google Play since 2022
A new version of the Android spyware ‘Mandrake’ has been found in five applications downloaded 32,000 times from Google Play, the platform’s official app store. Bitdefender first documented Mandrake in 2020, with the researchers highlighting the malware’s sophisticated spying capabilities and noting that it has operated in the wild since at least 2016. Kaspersky now reports that […]
Google Chrome now warns about risky password-protected archives
Google Chrome now warns when downloading risky password-protected files and provides improved alerts with more information about potentially malicious downloaded files. These new, more detailed warning messages help users quickly learn the nature of the danger presented by each file downloaded from the Internet. For this, Google introduced a two-tier download warning system that uses AI-powered […]
Over 3,000 GitHub accounts used by malware distribution service
Threat actors known as ‘Stargazer Goblin’ have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake accounts on GitHub that push information-stealing malware. The malware delivery service is called Stargazers Ghost Network and it utilizes GitHub repositories along with compromised WordPress sites to distribute password-protected archives that contain malware. In most cases, the malware are infostealers, such […]
Vulnerabilities exploited faster than ever, says Cloudflare
By the time you read this article, a zero-day CVE is likely getting exploited. According to researchers with Cloudflare, a newly disclosed vulnerability comes under attack at an average of 22 minutes. The internet backbone provider said attackers are more active than ever and are able to jump onto security vulnerabilities with malware exploits at […]
Victims of cyber extortion and ransomware increase in 2024
More than 4,000 new victims of ransomware were recorded over the past 12 months. According to research by Orange Cyberdefense, there was a 77% year-on-year growth from 2023 with 4,374 new victims detected in 75% of countries monitored. In the first quarter of 2024, there were 1,046 victims hit by 43 different threat actors. Speaking […]
PHP bug executes RCEs, cryptominers and DDoS attacks
Not long after a new PHP bug was disclosed in the late spring, Akamai researchers observed numerous attempts to exploit the vulnerability, which they said indicates high exploitability and quick adoption by threat actors. Because PHP is one of the most popular server-side scripting languages used to create dynamic web pages on more than 75% […]
Internet Explorer still used as a malware vehicle by threat actors
Microsoft’s notorious Internet Explorer has been brought out of retirement by threat actors using its security holes to serve malware. The team at Check Point Research said it spotted a new attack in the wild which uses the ancient web browser as the delivery vehicle for malware infections. The process involves the use of a […]