Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation, Lu0Bot is a serious threat to organizations and individuals. Although currently, the malware has low activity, […]
Endpoint Security APT 41 Used Android, iOS Surveillance Malware to Target APAC Victims Since 2018 Jayant Chakravarti (@JayJay_Tech) • October 3, 2023 A WeChat Pay payment services sign at Cafe De Coral in Hong Kong (Image; Shutterstock) Security researchers linked a surveillance toolkit called LightSpy to Chinese cyberespionage group APT41. The group used […]
Attack. Remediate. Repeat? Speak to any organization infiltrated by ransomware—the most dangerous malware in the world—and they’ll be blunt: They’d do anything to avoid getting hit twice. But ransomware attacks have been ramping up in 2023 and reinfections are occurring all over the globe, forcing lean IT teams to prepare. Why are businesses getting hit […]
LightSpy, a malware deployed in a 2020 watering hole attack against iOS users, has been found to be embedded with a set of 14 plugins that are responsible for private data exfiltration. Researchers have attributed the malware to the Chinese state-sponsored APT41 group, which previously had used DragonEgg and WyrmSpy spyware to target Android users. […]
The attack involves creating fake commit messages titled “fix” to introduce malware that extracts secrets from targeted repositories and steals passwords from web-form submissions.
A new malware strain called ZenRAT has emerged in the wild to steal information from Windows systems. While the exact distribution process remains unknown, past instances of similar threats have often used SEO poisoning, adware bundles, or malspam campaigns. Attack overview According to Proofpoint researchers, ZenRAT was initially discovered on a website pretending to be […]
The group’s malware includes trojans named DangerAds and AtlasAgent, with AtlasAgent being a custom C++ trojan that can execute various commands and evade detection by security tools.
Sep 27, 2023THNMalware / Cyber Threat A new malware strain called ZenRAT has emerged in the wild that’s distributed via bogus installation packages of the Bitwarden password manager. “The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page,” enterprise security firm Proofpoint said in a technical […]
Key Takeaways Proofpoint identified a new malware called ZenRAT being distributed via fake installation packages of the password manager Bitwarden. The malware is specifically targeting Windows users and will redirect people using other hosts to a benign webpage. At this time, it is unknown how the malware is being distributed. The malware is a modular […]