Latest Malware news

Microsoft: Lazarus hackers breach CyberLink in supply chain attack

Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.
- Sergiu Gatlan
- November 22, 2023
- 01:06 PM
- 0
Malware dev says they can revive expired Google auth cookies

The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
- Bill Toulas
- November 21, 2023
- 02:29 PM
- 0
DarkGate and Pikabot malware emerge as Qakbot’s successors

A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
- Bill Toulas
- November 21, 2023
- 10:55 AM
- 0
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine

A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
- Bill Toulas
- November 20, 2023
- 05:32 PM
- 0
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
- Bill Toulas
- November 20, 2023
- 11:54 AM
- 0
Lumma Stealer malware now uses trigonometry to evade detection

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.
- Bill Toulas
- November 20, 2023
- 09:40 AM
- 1
MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet

MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals.
- Bill Toulas
- November 16, 2023
- 03:11 PM
- 0
IPStorm botnet with 23,000 proxies for malicious traffic dismantled

The U.S. Department of Justive announced today that Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm.
- Bill Toulas
- November 14, 2023
- 07:05 PM
- 0
Google ads push malicious CPU-Z app from fake Windows news site

A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware.
- Bill Toulas
- November 09, 2023
- 11:09 AM
- 2
BlueNoroff hackers backdoor Macs with new ObjCShellz malware

The North Korean-backed BlueNoroff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices.
- Sergiu Gatlan
- November 07, 2023
- 03:26 PM
- 0
Socks5Systemz proxy service infects 10,000 systems worldwide

A proxy botnet called 'Socks5Systemz' has been infecting computers worldwide via the 'PrivateLoader' and 'Amadey' malware loaders, currently counting 10,000 infected devices.
- Bill Toulas
- November 05, 2023
- 10:17 AM
- 0
Mozi malware botnet goes dark after mysterious use of kill-switch

Mozi malware botnet activity faded away in August after a mysterious unknown party sent a payload on September 27, 2023, that triggered a kill switch to deactivate all bots.
- Bill Toulas
- November 01, 2023
- 01:21 PM
- 0
Avast confirms it tagged Google app as malware on Android phones

Czech cybersecurity company Avast confirmed that its antivirus SDK has been flagging a Google Android app as malware on Huawei, Vivo, and Honor smartphones since Saturday.
- Sergiu Gatlan
- October 31, 2023
- 04:23 PM
- 11
Samsung Galaxy gets new Auto Blocker anti-malware feature

Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices.
- Bill Toulas
- October 31, 2023
- 12:20 PM
- 1
Malicious NuGet packages abuse MSBuild to install malware

A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily.
- Bill Toulas
- October 31, 2023
- 10:23 AM
- 0
New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks

A new malware wiper known as BiBi-Linux is being used to destroy data in attacks targeting Linux systems belonging to Israeli companies.
- Sergiu Gatlan
- October 30, 2023
- 12:53 PM
- 0
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware

Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware.
- Bill Toulas
- October 30, 2023
- 10:47 AM
- 8
StripedFly malware framework infects 1 million Windows, Linux hosts

A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a million Windows and Linux systems during that time.
- Bill Toulas
- October 26, 2023
- 10:47 AM
- 2
Hackers backdoor Russian state, industrial orgs for data theft

Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations.
- Bill Toulas
- October 24, 2023
- 03:48 PM
- 0
New TetrisPhantom hackers steal data from secure USB drives on govt systems

A new sophisticated threat tracked as 'TetrisPhantom' has been using compromised secure USB drives to target government systems in the Asia-Pacific region.
- Bill Toulas
- October 22, 2023
- 11:18 AM
- 0