The DanaBot banking Trojan continues to evolve and spread across the continents, now moving from Australia to European countries. DanaBot is a multi-stage modular banking Trojan written in Delphi that first appeared on the threat landscape in 2018. The malware implements a modular structure that allows operators to add new functionalities by adding new plug-ins. The […]
Apparently financially-motivated threat actors carried out a long-term campaign against the Balkans involving a backdoor and a RAT to compromise the targets. Security experts from ESET uncovered a long-running campaign carried out by a financially-motivated threat actor. The attackers combined a backdoor dubbed BalkanDoor and a remote access Trojan tracked as BalkanRAT to take control […]
Security experts analyzed a new interesting Android banking Trojan, dubbed Cerberus, that is offered for rent by its author. A new malware-as-a-service dubbed Cerberus has emerged in the threat landscape, it is an Android RAT developed from scratch that doesn’t borrow the code from other malware. According to researchers at Threat Fabric who analyzed the threat, Cerberus […]
Cloud Atlas threat actors used a new piece of polymorphic malware in recent attacks against government organizations. The Cloud Atlas cyberespionage group, aka Inception, continues to carry out attacks against government organizations and was observed using a new piece of polymorphic malware dubbed VBShower. The Cloud Atlas was first observed by researchers at Kaspersky Lab […]
Canon DSLR Camera Infected with Ransomware Over the Air A researcher discovered 6 flaws in the image transfer protocol used in Canon EOS 80D DSLR cameras that allow him to infect the device with ransomware over the air. Security researcher Eyal Itkin from Check Point analyzed the Picture Transfer Protocol (PTP) implementation in Canon EOS […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! DealPly adware abuses reputation services to remain […]
A new Spambot Trojan, tracked as Varenyky was spotted white targeting users as part of a new alleged sextortion campaign. The malware records the victim’s screen when they are visiting adult-related sites. Varenyky was discovered by researchers at ESET in May and reported by Any.run in June. “In May 2019, ESET researchers observed a spike in ESET telemetry data regarding malware targeting […]
Experts at Dr Web discovered that a set of Android Apps with over 100 million installations that contains a clicker Trojan tracked as Android.Click.312.origin. Malware researchers at antivirus firm Dr Web discovered more than 33 Android Apps in the Google Play Store with over 100 million installations that contain a clicker Tojan tracked as Android.Click.312.origin. […]
Security researchers at Emsisoft have released a new decryptor tool that allows the victims of the JSWorm 4.0 ransomware to decrypt their files for free. Thanks to the experts at Emsisoft the victims of the JSWorm 4.0 ransomware can decrypt their files for free. Like previous versions of the malware, the JSWorm 4.0 ransomware is […]
Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. Avast recently discovered […]