Latest Malware news

Ragnar Locker ransomware developer arrested in France

Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web sites in a joint international operation.
- Sergiu Gatlan
- October 20, 2023
- 11:58 AM
- 1
Fake Corsair job offers on LinkedIn push DarkGate malware

A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair to lure people into downloading info-stealing malware like DarkGate and RedLine.
- Bill Toulas
- October 20, 2023
- 08:48 AM
- 0
MATA malware framework exploits EDR in attacks on defense firms

An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the defense industry in Eastern Europe.
- Bill Toulas
- October 18, 2023
- 11:17 AM
- 0
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials

Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing scripts.
- Bill Toulas
- October 18, 2023
- 06:00 AM
- 0
SpyNote Android malware spreads via fake volcano eruption alerts

Android malware 'SpyNote' was seen in an Italy-focused campaign that uses a phony 'IT-alert' public alert service website to infect visitors.
- Bill Toulas
- October 17, 2023
- 11:54 AM
- 1
Discord still a hotbed of malware activity — Now APTs join the fun

Discord continues to be a breeding ground for malicious activity by hackers and now APT groups, with it commonly used to distribute malware, exfiltrate data, and targeted by threat actors to steal authentication tokens.
- Bill Toulas
- October 16, 2023
- 05:29 PM
- 4
Fake 'RedAlert' rocket alert app for Israel installs Android spyware

Israeli Android users are targeted by a malicious version of the 'RedAlert - Rocket Alerts' app that, while it offers the promised functionality, acts as spyware in the background.
- Bill Toulas
- October 16, 2023
- 11:18 AM
- 0
Steam enforces SMS verification to curb malware-ridden updates

Valve has announced implementing additional security measures for developers publishing games on Steam, including SMS-based confirmation codes. This is to deal with a recent outbreak of malicious updates pushing malware from compromised publisher accounts.
- Bill Toulas
- October 15, 2023
- 11:12 AM
- 4
Women Political Leaders Summit targeted in RomCom malware phishing

A new, lightweight variant of the RomCom backdoor was deployed against participants of the Women Political Leaders (WPL) Summit in Brussels, a summit focusing on gender equality and women in politics.
- Bill Toulas
- October 15, 2023
- 10:16 AM
- 0
DarkGate malware spreads through compromised Skype accounts

Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader script attachments.
- Sergiu Gatlan
- October 14, 2023
- 10:09 AM
- 0
Ubuntu discovers 'hate speech' in release 23.10 — how to upgrade?

Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain hate speech. According to the Ubuntu project, a malicious contributor is behind anti-Semitic, homophobic, and xenophobic slurs that were injected into the distro via a "third party tool."
- Ax Sharma
- October 14, 2023
- 06:00 AM
- 2
New WordPress backdoor creates rogue admin to hijack websites

A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site's activity.
- Bill Toulas
- October 11, 2023
- 05:23 PM
- 8
Mirai DDoS malware variant expands targets with 13 router exploits

A Mirai-based DDoS (distributed denial of service) malware botnet tracked as IZ1H9 has added thirteen new payloads to target Linux-based routers and routers from D-Link, Zyxel, TP-Link, TOTOLINK, and others.
- Bill Toulas
- October 10, 2023
- 04:35 PM
- 1
Hundreds of malicious Python packages found stealing sensitive data

A malicious campaign that researchers observed growing more complex over the past half year, has been planting on open-source platforms hundreds of info-stealing packages that counted about 75,000 downloads.
- Bill Toulas
- October 04, 2023
- 05:31 PM
- 0
New BunnyLoader threat emerges as a feature-rich malware-as-a-service

Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard.
- Bill Toulas
- October 02, 2023
- 03:59 PM
- 2
Bing Chat responses infiltrated by ads pushing malware

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.
- Bill Toulas
- September 28, 2023
- 02:35 PM
- 7
Budworm hackers target telcos and govt orgs with custom malware

A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor.
- Bill Toulas
- September 28, 2023
- 09:52 AM
- 0
New AtlasCross hackers use American Red Cross as phishing lure

A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor malware.
- Bill Toulas
- September 26, 2023
- 11:35 AM
- 0
Android malware Xenomorph runs new campaign targeting the U.S.

After several months of operational hiatus, Xenomorph Android malware has launched a new campaign that targets users in the United States, Canada, Spain, Italy, Portugal, and Belgium.
- Bill Toulas
- September 25, 2023
- 11:24 AM
- 0
New stealthy and modular Deadglyph malware used in govt attacks

A novel and sophisticated backdoor malware named 'Deadglyph' was seen used in a cyberespionage attack against a government agency in the Middle East.
- Bill Toulas
- September 23, 2023
- 05:00 PM
- 0