Malware

Researchers Detail Novel Malicious Frameworks Attacking Air-Gapped Networks

Four new malicious frameworks built to attack air-gapped networks have been discovered, bringing the total number of such toolkits to 17 and offering adversaries a pathway to cyber espionage and the exfiltration of classified information. Researchers have stated that the frameworks were designed to perform some form of espionage and that they all used USB drives as […]

Trojan Source: A New Technique Allowing Hackers to Hide Vulnerabilities in Source Code

Dubbed “Trojan Source attacks,” the technique “exploits subtleties in text-encoding standards such as Unicode to produce source code whose tokens are logically encoded in a different order from the one in which they are displayed,” which eventually leads to a vulnerability that could not be perceived by direct human code review. The vulnerability affects

FlawedGrace New Variant Is Spreading Through Mass Email Campaigns

On Tuesday, cybersecurity researchers disclosed a high-volume email attack campaign notably targeting Germany and Australia. The campaign has been tied to TA505, the name assigned to the financially motivated threat group that has been active in cybercrime since at least 2014 and is behind the infamous Dridex banking trojan as

The Operators Of TrickBot Now Expanding Malware Distribution Channel

The operators of the TrickBot malware have resurfaced with new tricks, seeking to increase its foothold by expanding its distribution channels and ultimately leading to the deployment of ransomware such as Conti. The threat actor, tracked as Wizard Spider, has been discovered to be in partnership with other cybercrime gangs such as Hive0105, Hive0106 and Hive0107

Demodex: The New Rootkit Used by Chinese Hackers to Spy on Targeted Windows 10 Users

An operation aimed at South East Asian targets, dating back to July 2020 and deploying a kernel-mode rootkit on compromised Windows systems, has been linked to a Chinese-speaking threat actor. The hacking group, nicknamed GhostEmperor by Kaspersky, is known to use a “sophisticated multi-stage malware framework” that allows persistent, remote control over the targeted hosts.

SideWalk Malware Attacks Linked to Grayfly Chinese Hacker Group

A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation dubbed Grayfly. In late August, Slovak cybersecurity firm ESET disclosed details of an implant called SideWalk, which is designed to load arbitrary plugins sent from an attacker-controlled server,

Hackers Take To Distribution of Jupyter Malware Version via MSI Installer

Cybersecurity researchers have reported on the evolution of Jupyter, a .NET infostealer known for targeting the healthcare and education sectors and for being exceptionally good at defeating most endpoint security scanning solutions. Morphisec underscores that the malware has not only remained active but also showcases “how threat actors continue to develop their

Hackers Behind SolarWinds Cyberattack Linked to New Tomiris Backdoor Found

Cybersecurity researchers on Wednesday disclosed a previously undocumented backdoor likely designed and developed by the Nobelium advanced persistent threat (APT) behind last year’s SolarWinds supply chain attack, joining the threat actor’s ever-expanding arsenal of hacking tools.

GriftHorse: The Android Trojan Stealing Millions of Dollars from Users

Millions of Android devices in over 70 countries have been affected by a newly discovered mobile campaign in which an Android app subscribes users to premium services costing €36 (₦18,000) per month without their knowledge. The trojan has been dubbed “GriftHorse” by Zimperium zLabs and is said to be

Microsoft cautions on FoggyWeb Malware Targeting Active Directory FS Servers

On Monday, Microsoft revealed a new malware, developed by the hacking group behind last December’s SolarWinds supply chain attack, that delivers additional payloads and steals sensitive information from Active Directory Federation Services (AD FS) servers. Microsoft’s Threat Intelligence Center (MSTIC) codenamed the “passive and highly targeted backdoor” FoggyWeb, making it the threat
