This article investigates a cybercriminal’s exposed server that contained various malicious tools, including DDoS scripts, SpyNote spyware disguised as popular apps, phishing pages targeting cryptocurrency companies, and ransom …
Tag: SPYWARE
Summary: Google Pixel phones, particularly the Pixel 9, have enhanced security features to protect against vulnerabilities in the cellular baseband, which manages network connectivity and can be a target for …
Summary: Scammers are creating fake activation pages for popular streaming services, using SEO techniques to appear in Google search results, leading victims to malicious sites that display alarming fake alerts. …
Short Summary:
The “Vilsa Stealer” is a newly identified malware discovered on GitHub, known for its efficiency in extracting sensitive data from various applications. It targets browser credentials, crypto wallets, …
Summary and Key Points
Summary: This blog post discusses a long-standing issue regarding the reliance on output from webp without proper validation, highlighting the potential pitfalls associated with such trust.…
Summary: Threat actors are exploiting public interest in the scandal surrounding Sean “Diddy” Combs to distribute spyware disguised as files that claim to reveal deleted social media posts. Researchers have …
Summary and Key Points
Short Summary: The primary mistake made by the WebP image format was over-reliance on the output from a tool called enough.c to calculate maximum possible table …
Summary: A long-running watering hole attack, dubbed SilentSelfie, has compromised 25 websites linked to the Kurdish minority, aiming to harvest sensitive information for over a year. The campaign utilizes various …
Summary: A recently patched vulnerability in OpenAI’s ChatGPT app for macOS, known as SpAIware, could have allowed attackers to implant persistent spyware in the app’s memory, facilitating continuous data exfiltration. …
A new Android spyware campaign has been identified targeting individuals in South Korea since June 2024. The spyware uses an Amazon AWS S3 bucket as its Command and …
Summary: The U.S. Treasury Department has sanctioned five individuals and one entity linked to the Intellexa Consortium, which is known for its development and sale of the Predator spyware. These …
Summary: Apple has voluntarily dismissed its lawsuit against NSO Group, citing concerns over the potential exposure of critical threat intelligence information amid a changing landscape in the commercial spyware industry. …
Summary: A Mandiant report highlights the escalating cyber threats faced by Mexico, driven by a mix of global espionage and local cybercrime targeting various sectors. The report reveals that nation-state …
Summary: A new Android malware named Trojan Ajina.Banker is targeting users in Central Asia by disguising itself as legitimate applications to steal banking information and intercept two-factor authentication (2FA) messages. …
Short Summary:
The cyber threat landscape in Mexico is characterized by a mix of global and local threats, including cyber espionage from state-sponsored actors and increasing incidents of ransomware and …
Summary: Insikt Group has reported a resurgence of Predator spyware infrastructure, which was thought to be inactive due to sanctions and public exposure. The entity behind Predator, Intellexa, has reengineered …
Summary: Recent international efforts have intensified to combat spyware and hack-for-hire services, revealing a complex web of entities involved in the spyware ecosystem. Despite sanctions against prominent vendors like NSO …
Summary: Despite sanctions imposed by U.S. officials in March, the commercial spyware tool Predator has shown resilience, with evidence of increased usage and new customers in various countries. Researchers indicate …
Short Summary:
The resurgence of Intellexa’s Predator spyware, following a decline due to US sanctions, poses renewed privacy and security risks, particularly to high-profile individuals. Recent findings indicate that Predator’s …
Summary: A new wave of sextortion emails has emerged, featuring personalized threats that include images of victims’ homes, aiming to increase the fear factor and compel payment. The emails falsely …
Short Summary:
This report from CYFIRMA analyzes a newly identified PowerShell-based keylogger that stealthily captures keystrokes and sensitive information from infected systems. The keylogger employs advanced techniques for command execution, …
Summary: The article discusses the emergence of a new mobile banking malware strain named Rocinante, originating from Brazil, which targets local banking institutions through keylogging, phishing, and remote access capabilities. …
Short Summary:
This blogpost discusses a novel phishing campaign targeting mobile users, particularly clients of Czech banks, through the use of Progressive Web Applications (PWAs) and WebAPKs. The campaign employs …
Summary: A pro-Russian hacker group named Vermin is exploiting Ukraine’s military operations to deploy malware, utilizing deceptive tactics involving images of alleged Russian war criminals. This campaign, reportedly backed by …
Summary: A dormant software vulnerability in Google’s Pixel devices, stemming from a pre-installed app called “Showcase.apk,” could allow malicious actors to execute code and install malware due to its excessive …
Short Summary:
Check Point Research has uncovered Styx Stealer, a new malware variant capable of stealing sensitive data from browsers, messaging apps, and cryptocurrency wallets. The developer, linked to the …
Short Summary:
A sophisticated spear phishing campaign, attributed to the Russian Federal Security Service (FSB), has been targeting civil society organizations in the West and Russia. The campaign, known as …
Summary: The United Kingdom and France are set to initiate a consultation aimed at addressing the proliferation and misuse of commercial cyber intrusion tools, as part of the Pall Mall …
The report discusses a rise in cyberattacks targeting Russian government agencies and IT firms by various Advanced Persistent Threat (APT) groups. These attacks utilize sophisticated malware techniques, highlighting …
Summary: This report discusses the use of Dynamic DNS (DDNS) by threat actors, particularly focusing on the DarkComet malware, which is frequently deployed through various malicious methods. It highlights the …
Short Summary:
In March 2024, a new Android spyware named LianSpy was discovered, targeting individuals in Russia. Active since July 2021, it captures screencasts, exfiltrates user files, and harvests …
Summary: This report highlights a recent case of brand impersonation involving Google ads, where users searching for Google Authenticator were misled into downloading malware. The attack exploited a fake advertisement …
Summary: Security researchers have identified a new version of Mandrake, a sophisticated Android cyber-espionage malware that evaded detection for years while hidden in Google Play applications. The updated malware features …
Short Summary:
This article discusses a recent incident of brand impersonation involving Google ads, where users searching for Google Authenticator were misled into downloading malware. The fraudulent ad directed …
In May 2020, Bitdefender released a white paper containing a detailed analysis of Mandrake, a sophisticated Android cyber-espionage platform, which had been active in the wild for at least …
Summary: The rise of the Telegram clicker game Hamster Kombat has attracted both enthusiastic players and malicious actors looking to exploit its popularity. ESET researchers have identified various threats targeting …
In the past few months, the Telegram clicker game Hamster Kombat has taken the world of cryptocurrency game enthusiasts by storm. Even though the gameplay, which mostly entails repeatedly tapping …
Summary: The content discusses the new version of the HardBit ransomware, which includes binary obfuscation enhancement with passphrase protection, making it more difficult for security researchers to analyze.
Threat Actor: …
Cybereason Security Services issue Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them.…
Summary: The report warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications.
Threat Actor: Transparent Tribe, also known as APT36 | Transparent …
Summary: The content discusses the decline in activity of the Predator spyware group, indicating that sanctions and exposure have impacted their operations.
Threat Actor: Predator spyware group | Predator spyware …
Affected Platforms: Microsoft Windows
Impacted Users: Microsoft Windows
Impact: The stolen information can be used for future attack
Severity Level: High
Spyware is malicious software engineered to covertly monitor and gather information from …
Summary: Polish prosecutors have seized Pegasus spyware systems from a government agency in Warsaw as part of an investigation into the alleged abuse of the surveillance tool by the previous …
Summary: The Security Service of Ukraine (SSU) has dismantled the infrastructure used by pro-Russia Ukraine residents to break into soldiers’ devices and deploy spyware. The infrastructure included bot farms and …
The Hi-Tech Crime Trends report by Group-IB highlights a growing cybercriminal focus on Apple devices due to their increasing popularity. This shift has led to a rise in malware …
ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of …
Summary: This content discusses five cyber espionage campaigns targeting Android users in Egypt and Palestine, attributed to the Arid Viper hacking group.
Threat Actor: Arid Viper | Arid Viper Victim: …
By Gi7w0rm, Asheer Malhotra and Vitor Ventura.
Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing…
In the ever-evolving landscape of digital security, cyber threats are continually adapting and becoming more sophisticated. Among these threats, …
In the ever-evolving cybersecurity landscape, staying informed with the latest statistics and trends is not just beneficial—it’s imperative. The year 2024 is shaping up to be pivotal, with threats becoming …