Latest Malware news

New RustDoor macOS malware impersonates Visual Studio update

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
- Bill Toulas
- February 09, 2024
- 10:53 AM
- 1
Android XLoader malware can now auto-execute after installation

A new version of the XLoader Android malware was discovered that automatically executes on devices it infects, requiring no user interaction to launch.
- Bill Toulas
- February 08, 2024
- 01:34 PM
- 0
Facebook ads push new Ov3r_Stealer password-stealing malware

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency.
- Bill Toulas
- February 07, 2024
- 04:24 PM
- 1
No, 3 million electric toothbrushes were not used in a DDoS attack

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack.
- Lawrence Abrams
- February 07, 2024
- 12:21 PM
- 4
Chinese hackers infect Dutch military network with malware

A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.
- Sergiu Gatlan
- February 06, 2024
- 01:49 PM
- 0
PurpleFox malware infects thousands of computers in Ukraine

The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country.
- Bill Toulas
- February 01, 2024
- 12:10 PM
- 0
Hackers push USB malware payloads via news, media hosting sites

A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content.
- Bill Toulas
- January 31, 2024
- 05:31 PM
- 2
FBI disrupts Chinese botnet by wiping malware from infected routers

The FBI has disrupted the KV-botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure.
- Sergiu Gatlan
- January 31, 2024
- 12:43 PM
- 0
Microsoft Teams phishing pushes DarkGate malware via group chats

New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
- Sergiu Gatlan
- January 30, 2024
- 12:47 PM
- 0
Police disrupt Grandoreiro banking malware operation, make arrests

The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking countries with financial fraud since 2017.
- Bill Toulas
- January 30, 2024
- 10:46 AM
- 0
Russian TrickBot malware dev sentenced to 64 months in prison

Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the Trickbot malware used in attacks against hospitals, companies, and individuals worldwide.
- Sergiu Gatlan
- January 25, 2024
- 01:52 PM
- 0
Cracked macOS apps drain wallets using scripts fetched from DNS records

Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts.
- Bill Toulas
- January 22, 2024
- 05:27 PM
- 0
Google: Russian FSB hackers deploy new Spica backdoor malware

Google says the ColdRiver Russian-backed hacking group is pushing previously unknown backdoor malware using payloads masquerading as a PDF decryption tool.
- Sergiu Gatlan
- January 18, 2024
- 09:00 AM
- 0
Microsoft: Iranian hackers target researchers with new MediaPl malware

Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware.
- Sergiu Gatlan
- January 17, 2024
- 03:39 PM
- 0
Bigpanzi botnet infects 170,000 Android TV boxes with malware

A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015.
- Bill Toulas
- January 17, 2024
- 01:54 PM
- 0
iShutdown scripts can help detect iOS spyware on your iPhone

Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown.log, a system log file that stores reboot events.
- Bill Toulas
- January 17, 2024
- 01:03 PM
- 1
MacOS info-stealers quickly evolve to evade XProtect detection

Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently.
- Bill Toulas
- January 16, 2024
- 04:29 PM
- 1
FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads.
- Sergiu Gatlan
- January 16, 2024
- 12:34 PM
- 0
Windows SmartScreen flaw exploited to drop Phemedrone malware

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files.
- Bill Toulas
- January 15, 2024
- 01:32 PM
- 0
Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts

Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log into users' accounts, even if an account's password was reset.
- Bill Toulas
- December 29, 2023
- 11:13 AM
- 5