A surge of fake or stolen X (Twitter) Gold accounts has been flooding marketplaces and forums both on the surface web and the dark web over the past year, according to CloudSEK. Threat actors have used multiple techniques to forge or steal X Gold accounts since Elon Musk’s firm introduced its new verified accounts program […]
Attackers have used hundreds of fake profiles on LinkedIn — many very convincing — to target professionals at companies in Saudi Arabia, not only for financial fraud, but to convince employees in specific roles to provide sensitive corporate information. In a presentation at the Black Hat Middle East and Africa conference last month, researchers said […]
The fake plugin, once installed, creates a hidden admin user and sends victim information to the attackers, while also downloading a backdoor payload that allows for file management, SQL client, and server environment information access.
Scammers are exploiting the trust placed in reputable accounts by creating fake accounts with similar names and spreading fabricated security breach claims to deceive users into clicking on malicious links and revealing their wallet information.
A targeted campaign against the gaming community exploits Discord channels and fake download sites to distribute types of information-stealing malware. Multiple information stealer families, including BBy Stealer, Nova Sentinel, Doenerium, and Epsilon Stealer, were identified. To counter similar threats, online gamers are urged to download software exclusively from official and trustworthy websites.
When users click on the ad, they are redirected to a fake Windows news site, where they are prompted to download a digitally signed CPU-Z installer. This installer contains a malicious PowerShell script known as the ‘FakeBat’ malware loader.
Nov 09, 2023NewsroomEndpoint Security / Malware A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. “This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and […]
The fake Ledger Live app on the Microsoft Store deceived users into downloading malware, which stole their Bitcoin and Ethereum funds. Hackread.com has been actively following the cryptocurrency space as it has lately been a prominent target of scams and cyberattacks. Hackers are eyeing the crypto industry to steal valuable assets and even NFTs. For […]
Chinese scammers are using fake loan apps and India’s Unified Payments Interface (UPI) to deceive victims and launder money. The scammers pose as loan providers and promise easy repayments in exchange for a fee.