malware
Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser’s executables to hijack homepages and steal browsing history. The installer and extensions, which are usually undetected by antivirus tools, are designed to steal data and execute commands on infected devices. The campaign was discovered by […]
New AMD SinkClose flaw helps install nearly undetectable malware
AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable. Ring -2 is one of the highest privilege levels on a computer, running […]
New CMoon USB worm targets Russians in data theft attacks
A new self-spreading worm named ‘CMoon,’ capable of stealing account credentials and other data, has been distributed in Russia since early July 2024 via a compromised gas supply company website. According to Kaspersky researchers who discovered the campaign, CMoon can perform a broad range of functions, including loading additional payloads, snapping screenshots, and launching distributed denial of […]
New LianSpy malware hides by blocking Android security feature
A previously undocumented Android malware named ‘LightSpy’ has been discovered targeting Russian users, posing on phones as an Alipay app or a system service to evade detection. Analysis shows that LianSpy has been actively targeting Android users since July 2021, but its extensive stealth capabilities helped it remain undetected for over three years. Kaspersky researchers […]
Ransomware gang targets IT workers with new SharpRhino malware
The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. The malware helps Hunters International achieve initial infection, elevate their privileges on compromised systems, execute PowerShell commands, and eventually deploy the ransomware payload. Quorum Cyber researchers who discovered the new malware report that it […]
North Korean hackers exploit VPN update flaw to install malware
South Korea’s National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN’s software update to deploy malware and breach networks. The advisory connects this activity with a nationwide industrial factories modernization project Kim Jong-un, the North Korean president, announced in January 2023, believing the hackers are looking to steal trade […]
Hackers breach ISP to poison software updates with malware
A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. Also tracked as Evasive Panda, Daggerfly, and StormCloud, this cyber-espionage group has been active since at least 2012, targeting organizations across mainland China, Hong Kong, Macao, Nigeria, and various Southeast and East Asian countries. On […]
Fake AI editor ads on Facebook push password-stealing malware
A Facebook malvertising campaign targets users searching for AI image editing tools and steals their credentials by tricking them into installing fake apps that mimic legitimate software. The attackers exploit the popularity of AI-driven image-generation tools by creating malicious websites that closely resemble legitimate services and trick potential victims into infecting themselves with information stealer […]
Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. Zimperium researchers discovered the operation and have been tracking it since February 2022. They report finding at least 107,000 distinct malware samples associated with the campaign. The cybercriminals are motivated […]
Dark Angels ransomware receives record-breaking $75 million ransom
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. “In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amount— an achievement that’s bound to attract the interest of other attackers looking […]