Latest Malware news

New Qbot malware variant uses fake Adobe installer popup for evasion

The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December.
- Bill Toulas
- February 15, 2024
- 08:27 AM
- 0
New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access.
- Bill Toulas
- February 15, 2024
- 03:00 AM
- 2
Ubuntu 'command-not-found' tool can be abused to spread malware

A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users.
- Bill Toulas
- February 14, 2024
- 11:00 AM
- 0
Hackers used new Windows Defender zero-day to drop DarkMe malware

Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT).
- Sergiu Gatlan
- February 13, 2024
- 03:52 PM
- 0
FBI seizes Warzone RAT infrastructure, arrests malware vendor

The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation.
- Bill Toulas
- February 12, 2024
- 06:09 PM
- 1
Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.
- Bill Toulas
- February 12, 2024
- 11:20 AM
- 0
Raspberry Robin malware evolves with early access to Windows exploits

Recent versions of the Raspberry Robin malware are stealthier and implement one-day exploits that are deployed only on systems that are susceptible to them.
- Bill Toulas
- February 10, 2024
- 10:11 AM
- 2
New RustDoor macOS malware impersonates Visual Studio update

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
- Bill Toulas
- February 09, 2024
- 10:53 AM
- 1
Android XLoader malware can now auto-execute after installation

A new version of the XLoader Android malware was discovered that automatically executes on devices it infects, requiring no user interaction to launch.
- Bill Toulas
- February 08, 2024
- 01:34 PM
- 0
Facebook ads push new Ov3r_Stealer password-stealing malware

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency.
- Bill Toulas
- February 07, 2024
- 04:24 PM
- 1
No, 3 million electric toothbrushes were not used in a DDoS attack

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical scenario instead of an actual attack.
- Lawrence Abrams
- February 07, 2024
- 12:21 PM
- 4
Chinese hackers infect Dutch military network with malware

A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.
- Sergiu Gatlan
- February 06, 2024
- 01:49 PM
- 0
PurpleFox malware infects thousands of computers in Ukraine

The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country.
- Bill Toulas
- February 01, 2024
- 12:10 PM
- 0
Hackers push USB malware payloads via news, media hosting sites

A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content.
- Bill Toulas
- January 31, 2024
- 05:31 PM
- 2
FBI disrupts Chinese botnet by wiping malware from infected routers

The FBI has disrupted the KV-botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure.
- Sergiu Gatlan
- January 31, 2024
- 12:43 PM
- 0
Microsoft Teams phishing pushes DarkGate malware via group chats

New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
- Sergiu Gatlan
- January 30, 2024
- 12:47 PM
- 0
Police disrupt Grandoreiro banking malware operation, make arrests

The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking countries with financial fraud since 2017.
- Bill Toulas
- January 30, 2024
- 10:46 AM
- 0
Russian TrickBot malware dev sentenced to 64 months in prison

Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the Trickbot malware used in attacks against hospitals, companies, and individuals worldwide.
- Sergiu Gatlan
- January 25, 2024
- 01:52 PM
- 0
Cracked macOS apps drain wallets using scripts fetched from DNS records

Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts.
- Bill Toulas
- January 22, 2024
- 05:27 PM
- 0
Google: Russian FSB hackers deploy new Spica backdoor malware

Google says the ColdRiver Russian-backed hacking group is pushing previously unknown backdoor malware using payloads masquerading as a PDF decryption tool.
- Sergiu Gatlan
- January 18, 2024
- 09:00 AM
- 0