Latest Backdoor news

Stealthy GTPDOOR Linux malware targets mobile operator networks

Security researcher HaxRob discovered a previously unknown Linux backdoor named GTPDOOR, designed for covert operations within mobile carrier networks.
- Bill Toulas
- March 03, 2024
- 10:16 AM
- 2
Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.
- Bill Toulas
- February 12, 2024
- 11:20 AM
- 0
New RustDoor macOS malware impersonates Visual Studio update

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
- Bill Toulas
- February 09, 2024
- 10:53 AM
- 1
More Android apps riddled with malware spotted on Google Play

An Android remote access trojan (RAT) known as VajraSpy was found in 12 malicious applications, six of which were available on Google Play from April 1, 2021, through September 10, 2023.
- Bill Toulas
- February 01, 2024
- 01:19 PM
- 1
Blackwood hackers hijack WPS Office update to install malware

A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals.
- Bill Toulas
- January 25, 2024
- 03:30 PM
- 0
Microsoft: Iranian hackers target researchers with new MediaPl malware

Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware.
- Sergiu Gatlan
- January 17, 2024
- 03:39 PM
- 0
Russian military hackers target Ukraine with new MASEPIE malware

Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour.
- Bill Toulas
- December 28, 2023
- 12:43 PM
- 0
Microsoft: Hackers target defense firms with new FalseFont malware

Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide.
- Sergiu Gatlan
- December 21, 2023
- 03:28 PM
- 0
Hackers use new Agent Raccoon malware to backdoor US targets

A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa.
- Bill Toulas
- December 01, 2023
- 02:15 PM
- 0
New Rust-based SysJoker backdoor linked to Hamas hackers

A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language.
- Bill Toulas
- November 26, 2023
- 10:09 AM
- 0
BlueNoroff hackers backdoor Macs with new ObjCShellz malware

The North Korean-backed BlueNoroff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices.
- Sergiu Gatlan
- November 07, 2023
- 03:26 PM
- 0
Lazarus hackers breached dev repeatedly to deploy SIGNBT malware

The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings being made available by the developer.
- Bill Toulas
- October 27, 2023
- 12:15 PM
- 0
Hackers backdoor Russian state, industrial orgs for data theft

Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations.
- Bill Toulas
- October 24, 2023
- 03:48 PM
- 0
Hackers update Cisco IOS XE backdoor to hide infected devices

The number of Cisco IOS XE devices detected with a malicious backdoor implant has plummeted from over 50,000 impacted devices to only a few hundred after the attackers updated the backdoor to hide infected systems from scans.
- Lawrence Abrams
- October 22, 2023
- 01:37 PM
- 2
Russian Sandworm hackers breached 11 Ukrainian telcos since May

The state-sponsored Russian hacking group tracked as 'Sandworm' has compromised eleven telecommunication service providers in Ukraine between May and September 2023.
- Bill Toulas
- October 16, 2023
- 02:06 PM
- 0
Women Political Leaders Summit targeted in RomCom malware phishing

A new, lightweight variant of the RomCom backdoor was deployed against participants of the Women Political Leaders (WPL) Summit in Brussels, a summit focusing on gender equality and women in politics.
- Bill Toulas
- October 15, 2023
- 10:16 AM
- 0
ToddyCat hackers use 'disposable' malware to target Asian telecoms

A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection.
- Bill Toulas
- October 12, 2023
- 10:09 AM
- 0
New WordPress backdoor creates rogue admin to hijack websites

A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site's activity.
- Bill Toulas
- October 11, 2023
- 05:23 PM
- 8
US and Japan warn of Chinese hackers backdooring Cisco routers

A joint cybersecurity advisory by the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police) sheds light on the techniques the Chinese threat actors known as BlackTech use to attack Japanese and U.S. organizations.
- Bill Toulas
- September 27, 2023
- 11:51 AM
- 0
New AtlasCross hackers use American Red Cross as phishing lure

A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor malware.
- Bill Toulas
- September 26, 2023
- 11:35 AM
- 0