In an effort to make malware appear legitimate and help it sneak past security software, groups using two well-known trojans are inserting news text from Coronavirus stories into their file descriptions. Padding malware with fake news is not new but Bleeping Computer has found Trickbot and Emotet now being used in
Tag: malware
Malicious coronavirus map hides AZORult info-stealing malware
Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples, adversaries have created a weaponized coronavirus map app that infects victims with a variant of the information-stealing AZORult malware. The malicious online map, found at www.Corona-Virus-Map[.]com, appears very polished and convincing,
Years-long malware operation hides njRAT in cracked hacking tools
Malicious actors have been secretly embedding the njRAT remote access trojan in free hacking tools as well as cracks of those tools, in a bid to compromise anyone who downloads this software from various websites and forums. Essentially, this adversary is trying to turn other hackers into victims, taking over their machines
Hidden Cobra adds to its malware arsenal: CISA
The DHS Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation have released a report on six new or upgraded malware variants being used by North Korea. The malware types included are Bistromath, Slickshoes, Crowdedflounder, Hotcroissant, Artfulpie, Buffetline and Hoplight. Hoplight is a previously recorded malware believed to be used by the North Korean
Cybercriminals abuse Bitbucket to infect users with potpourri of malware
A newly discovered attack campaign has been abusing the online storage platform Bitbucket to maintain and update a wide assortment of malware, in a plot to infect computer users who download free, cracked versions of commercial software from the internet. Researchers at Cybereason’s Nocturnus team, who uncovered the threat, estimate that
Federally funded Unimax smartphone pre-loaded with malware
The Unimax UMX U686CL is a Chinese-made smartphone distributed by the federally funded Assured Wireless by Virgin Mobile has been found to come pre-loaded with two malicious applications. Malwarebytes researchers found the malware every owner finds on their phone is Wireless Update and amazingly the device’s own Settings app, neither of which can be removed from the
Attackers distill essence of Mirai IoT botnet into LiquorBot malware
Researchers recently uncovered another descendant of the Mirai Internet of Things botnet, this one featuring Monero cryptocurrency mining capabilities. Dubbed LiquorBot, the botnet malware is written in Go programming language and seems to use the same command-and-control infrastructure as Mirai. Sometimes, attack campaigns have even paired both LiquorBot and Mirai together
Travelex sidelines online financial services following malware discovery
Foreign exchange financials company Travelex has suspended its UK-based digital services offline since New Year’s Eve, following the discovery of an undisclosed malware program. As of Jan. 3 at 11:30 a.m. ET, the London-based company remains unable to conduct monetary transactions via its website or app. Services are still being conducted
Travelex suspends services after malware attack
Travelex, a major international foreign currency exchange, has confirmed it has suspended some services after it was hit by malware on December 31. The London-based company, which operates more than 1,500 stores globally, said it took systems offline “as a precautionary measure in order to protect data” and to stop
Krampus-3PC malware redirects iPhone users to phishing pages
iPhone users who visited certain publishing websites that were compromised by a malvertising campaign may have gotten an unwelcome visit from the holiday Krampus. No, not the mythical monster that punishes naughty children around Christmastime. In this case, we’re referring to Krampus-3PC, a new mobile malware that seeks out victims’ device