Pierluigi Paganini
February 09, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malicious packages deepseeek and deepseekai published in Python Package Index Coyote Banking Trojan: A Stealthy Attack via LNK Files The Mac Malware of 2024 Take My Money: OCR Crypto Wallet Thieves on Google Play and App […]
Pierluigi Paganini
February 08, 2025
Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in 2013. The group works under the control […]
Pierluigi Paganini
February 06, 2025
The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linked Lazarus group uses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Scammers lure […]
Pierluigi Paganini
February 05, 2025
In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers using OCR to scan the victim’s gallery for images with recovery phrases to restore access to crypto wallets. In late 2024, Kaspersky discovered a new malicious campaign, […]
Pierluigi Paganini
February 04, 2025
Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell commands to deploy the Coyote Banking Trojan. Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous […]
Pierluigi Paganini
February 03, 2025
Casio Website Infected With Skimmer A threat actor has installed a web skimmer on all pages of the Casio UK’s website, except the checkout page. Jscrambler researchers uncovered a web skimmer campaign targeting multiple websites, including Casio one (casio.co.uk). The experts confirmed that at least 17 victim sites have been compromised, though the number may […]
Pierluigi Paganini
February 03, 2025
The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, […]
Pierluigi Paganini
February 02, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. ESXi Ransomware Attacks: Stealthy Persistence through SSH Tunneling MintsLoader: StealC and BOINC Delivery Cloud Ransomware Developments | The Risks of Customer-Managed Keys New TorNet backdoor seen in widespread campaign Active Exploitation: New Aquabot Variant Phones Home […]
Pierluigi Paganini
February 02, 2025
Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted […]
Pierluigi Paganini
February 02, 2025
Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies, a Tata Motors subsidiary, suspended some IT services following a ransomware attack. The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. As of 2023, the IT giant has over […]
