A novel and sophisticated backdoor malware named Deadglyph was used in a cyberespionage campaign targeting a government agency in the Middle East. The malware is attributed to the Stealth Falcon hacking group, which is infamous for targeting activists, journalists, and dissidents. Deadglyph infection method: While the exact delivery method is currently unknown, it is […]
In the latest cybersecurity news, researchers have found a new Python malware targeting Tatar language-speaking users. The Tatar language is a Turkic language spoken primarily by the Tatars, an ethnic group in Russia and neighboring countries. This Python malware strain, sourced by Cyble, can capture screenshots on the victim’s systems and send them over to […]
Sep 22, 2023 | THN | Malware / Cyber Threat: An active malware campaign targeting Latin America, particularly users in Brazil and Mexico, is dispensing a new variant of a banking trojan called BBTok. “The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering […]
SINGAPORE: The police on Wednesday (Sep 20) issued an advisory about a new variant of Android malware scams, where scammers would initiate a factory reset on infected devices after the malware executes unauthorised transactions on the phone’s i-banking app. There have been more than 750 cases of victims downloading the malware into their phones in the […]
Key Takeaways: Proofpoint has observed an increase in activity from specific malware families targeting Chinese-language speakers. Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity. Newly observed ValleyRAT is emerging as a new malware among Chinese-themed cybercrime activity, while Sainbox RAT and related variants are recently active as well. The increase in […]
A recently discovered Linux backdoor malware, named SprySOCKS, was observed in a cyberespionage campaign targeting government agencies in multiple countries. The campaign was attributed to the Chinese hacking group Earth Lusca. More about SprySOCKS: In the campaign, the attackers used a Linux variant of the ELF injector called mandibule to drop SprySOCKS. The backdoor employs […]
Researchers have uncovered fresh malware samples attributed to ransomware group Cuba, representing new versions of BurntCigar malware, which offers next-level stealth to the group. Researchers at Kaspersky uncovered the malware in an ongoing investigation, after first detecting an incident on a client’s system in December. The attack chain ultimately led to the loading of a […]
A new information-stealing malware named MetaStealer has appeared in the wild, targeting macOS systems. This malicious software is built using the Go programming language and can steal a variety of sensitive data from victims. Distribution process: According to SentinelOne researchers, many samples of the malware are targeting macOS business users through social engineering tactics, where […]
Sep 12, 2023 | THN | Endpoint Security / Data Security: A new information stealer malware called MetaStealer has set its sights on Apple macOS, making it the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. “Threat actors are proactively targeting macOS businesses by posing as fake clients […]