Cybaze-Yoroi ZLAB revealed interesting a hidden connection between the AZORult toolkit and specific Gootkit payload. Introduction In the last days, a huge attack campaign hit several organizations across the Italian cyberspace, as stated on bulletin N020219 the attack waves tried to impersonate legit communication from a known Express Courier. However, a deeper analysis by Cybaze-Yoroi ZLAB revealed interesting hidden aspects, […]
Security researcher Lukas Stefanko from ESET discovered the first Android cryptocurrency clipboard hijacker impersonating MetaMask on the official Google Play store. The rogue MetaMask app is a Clipboard Hikacker that monitors a device’s clipboard for Bitcoin and Ethereum addresses and replaces them with addresses of wallets under the control of the attacker. Using this trick the attackers can transfers funds […]
Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner. Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner, researchers observed it killing other Linux malware […]
A newly discovered malware campaign leverages steganography to hide GandCrab ransomware in an apparently innocent Mario image. Security experts at Bromium have discovered a malware campaign using steganography to hide the GandCrab ransomware in a Mario graphic package. According to Matthew Rowan, a researcher at Bromium, threat actors use steganography to hide the malicious code and […]
Cayosin Botnet: a deeper look at this threat supported by the psychological profile of the âyoungsters-wannabe-hackersâ Rolex boasters Money, botnet as service business and coding on the dark side of the life: âAt this point of my life⊠if it doesnât make me money, I donât make time for itâ, is stated in the picture […]
Yoroi ZLab â Cybaze uncovered a new wave of Ursnif attacks using a variant that implements an exotic process injection technique called AtomBombing Another wave of Ursnif attacks hits Italy. Ursnif is one of the most active banking trojans. It is also known as GOZI, in fact, it is a fork of the original Gozi-ISFB banking Trojan that […]
Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules.Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules.. Iâv been working on cybersecurity for most than 10 years. During my […]
A malware campaign using new LuckyCat-Linked RAT dubbed ExileRAT has been targeting the mailing list of the organization officially representing the Tibetan government-in-exile. Security experts at Talos group have uncovered a malware campaign using the ExileRAT backdoor to target the mailing list of the organization officially representing the Tibetan government-in-exile. Threat actors are delivering the malware via […]
Security experts at Check Point discovered a new backdoor dubbed âSpeakUpâ targeting Linux servers in East Asia and Latin America. Malware researchers at Check Point have spotted a new Linux backdoor dubbed âSpeakUpâ targeting servers in East Asia and Latin America, The SpeakUp backdoor leverages known vulnerabilities in six different Linux distros, it is also able to infect […]
Researchers at Trend Micro discovered at least 29 malicious photo editing and beauty apps that were able to perform several malicious activities. Crooks continue to abuse Google Play store to distribute malicious apps, this time experts at Trend Micro discovered at least 29 maliciousphoto editing and beauty apps that were stealing users’ photos. The malicious […]