Google is alerting users to the existence of several threat actors that are disseminating a proof-of-concept (PoC) attack that uses its Calendar service to host command-and-control devices. Using a Gmail account, the application, known as Google Calendar RAT (GCR), uses Google Calendar Events for C2. It was initially released in June 2023 on GitHub. Developer […]
Hackers Can Create A C2 Channel Using Google Calendar Read More »
The threat actor with ties to Pakistan, SideCopy, has been seen using the WinRAR security flaw in its assaults against Indian government institutions to spread trojans that provide remote access, including DRat, Ares RAT, and AllaKore RAT. According to enterprise security firm SEQRITE, the campaign is multi-platform and includes attacks aimed at infiltrating Linux computers
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities Read More »
As part of its ongoing Operation Dream Job effort, the North Korea-affiliated Lazarus Group (also known as Hidden Cobra or TEMP.Hermit) has been seen employing trojanized Virtual Network Computing (VNC) programmes as enticements to target nuclear engineers and the defence sector. In its APT trends report for Q3 2023, Kaspersky stated that “the threat actor
Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps Read More »
Between February and September 2023, an undisclosed Middle Eastern country was the focus of an eight-month campaign by the Iran-linked threat actor OilRig. The Symantec Threat Hunter Team, a division of Broadcom, claimed in a report published with The Hacker News that the attack resulted in the loss of information and passwords and, in one
Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign Read More »
The U.S. Justice Department (DoJ) charged two founders of the Tornado Cash cryptocurrency mixer business with laundering more than $1 billion in illegal proceeds in an indictment that was unsealed on Wednesday. Roman Storm and Roman Semenov have both been accused of conspiring to commit money laundering, to violate sanctions, and to run an unregistered
Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal Read More »
The U.S. Federal Bureau of Investigation (FBI) has issued a warning about online thieves who pose as non-fungible token (NFT) creators in order to steal cryptocurrencies and other digital assets from unwary consumers. In these fraudulent schemes, fraudsters frequently use deceptive advertising strategies to generate a sense of urgency to pull them off, either by
FBI Alert: Crypto Scammers are Masquerading as NFT Developers Read More »
In connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, which resulted in the theft of around 120,000 bitcoin, a married couple from New York City has admitted guilt on counts of money laundering. The news comes more than a year after Ilya Lichtenstein, 35, and his wife Heather Morgan, 33, were taken into
Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack Read More »
A new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office. According to Martin a Milánek, security researcher at Avast, “HotRat malware gives attackers a wide range of capabilities, including stealing login credentials, cryptocurrency
HotRat: New AsyncRAT Malware Variant Spreading Via Pirated Software Read More »
In reaction to new measures that would increase the amount of digital surveillance that state intelligence agencies are allowed to conduct, Apple has issued a warning that it would prefer to discontinue providing iMessage and FaceTime services in the U.K. than give in to pressure from the government. The iPhone manufacturer is the most recent
Apple Plans To Stop FaceTime and iMessage For iPhones in the UK. Read More »
According to Interpol, a suspected senior member of the French-speaking hacker group OPERA1ER has been detained as part of a global law enforcement investigation known as Nervone. “The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million — in more than 30 attacks across 15 countries
INTERPOL Nabs West African Hacking Crew Leader Behind $11 Million Cybercrime Read More »
