The US DHS and the FBI have published a new joint report that includes technical details of a piece of malware allegedly used by the Hidden Cobra APT. A new joint report published by US DHS and FBI made the headlines, past document details TTPs associated with North Korea-linked threat groups, tracked by the US government as […]
Following the recent hack of a US Navy contractor, security experts found evidence of very recent activity by the China-linked APT group tracked as APT15. The China-linked APT15 group (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has developed a new strain of malware borrowing code from one of the tools it used in past […]
A new crypto mining malicious code dubbed ADB.miner is targeting the Android-based Amazon Fire TV and Fire Stick devices. Recently, security experts spotted the crypto mining malware ADB.miner (Android.CoinMine.15) targeting Amazon Fire TV and Fire TV Stick devices. The malicious code has been active at least since February, when researchers at Qihoo 360’s Netlab spotted the Android mining botnet […]
This week, security experts observed a surge in port 8000 scan activity; researchers at Qihoo 360 Netlab determined that the unusual activity was associated with the Satori IoT botnet. Experts from Qihoo 360 Netlab discovered that the author of the Satori botnet has integrated the proof-of-concept (PoC) code for the XionMai web server software package after it was […]
Researchers uncovered a new malware campaign spreading a clipboard hijacker dubbed ClipboardWalletHijacker that has already infected over 300,000 computers. Security researchers from Qihoo 360 Total Security have spotted a new malware campaign spreading a clipboard hijacker, tracked as ClipboardWalletHijacker, that has already infected over 300,000 computers. Most of the victims are located in Asia, mainly China. “Recently, […]
The GitHub account of the Syscoin cryptocurrency was compromised by hackers who replaced the official Syscoin Windows client with a tainted version. The Syscoin clients allow users to mine Syscoin cryptocurrency or manage Syscoin funds. The other versions in the v3.0.4.1 release were not replaced; this means that the Mac and Linux clients were not replaced by the hackers. The […]
Threat Fabric reports a newly discovered banking Trojan, dubbed Mysterybot, targeting Android versions 7 and 8; the malware seems to be linked to Lokibot. Threat Fabric (formerly known as SfyLabs) reports a newly discovered banking Trojan targeting Android versions 7 and 8. It seems to be linked to Lokibot, the hydra of the Android malware […]
Researchers have released a decryptor tool that could be used by victims of the Everbe Ransomware to decrypt their files for free. Good news for the victims of the Everbe Ransomware: the popular malware researchers Michael Gillespie and Maxime Meignan have released a decryptor that could be used by victims to decrypt their files for free. The Everbe Ransomware encrypts files […]
Fortinet discovered PyRoMineIoT, a new strain of crypto-currency miner that uses the NSA-linked EternalRomance exploit to spread. PyRoMineIoT is a new strain of crypto-currency miner that uses the NSA-linked EternalRomance remote code execution exploit to spread; the malware also abuses infected machines to scan for vulnerable Internet of Things (IoT) devices. PyRoMineIoT is quite similar to another crypto-currency miner dubbed PyRoMine that was […]
Malware researchers from ESET have spotted a new sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the last five years. Experts still haven’t attributed the malware to any threat actor; InvisiMole could be nation-state malware developed for cyber espionage purposes or the result of a development […]