Tag: 2024-10-31

ThreatLabz has developed SmokeBuster, a tool to detect, analyze, and remove SmokeLoader malware from infected systems. Despite Operation Endgame's disruption in May 2024, SmokeLoader continues to be used by threat groups. SmokeBuster supports various SmokeLoader versions and Windows systems, offeri…

An unknown threat actor is conducting a phishing campaign targeting Facebook business and advertising account users in Taiwan. The campaign uses emails impersonating legal departments, claiming copyright infringement to lure victims into downloading malware. The attackers abuse Google's Appspot dom…

A sophisticated fraud scheme dubbed 'Phish 'n' Ships' has been uncovered, involving fake web shops that exploit digital payment providers to steal consumers' money and credit card information. The operation, traced back to 2019, has infected over 1,000 websites, created 121 fake web stores, and res…

Sophos unveils a five-year investigation tracking China-based threat actors targeting perimeter devices, particularly Sophos firewalls. The report details multiple attack campaigns, including Asnarök, Bookmark Buffer Overflow, and Covert Channels, which exploited zero-day vulnerabilities to gain ac…

Russian hackers, identified as UNC5812, are targeting the Ukrainian military through a sophisticated cyber operation. The attackers use a deceptive Telegram channel and website posing as a civil defense service to distribute malware for both Windows and Android devices. The Windows attack deploys P…

CraxsRAT, an Android trojan, has been targeting Russian and Belarusian users since summer 2024. It masquerades as legitimate apps like government services, antivirus software, and telecom operators. The malware spreads through social engineering tactics, prompting users to download malicious APK fi…

LUNAR SPIDER, a Russian-speaking financially motivated threat group, has resumed operations following law enforcement disruptions. They've shifted from using IcedID to leveraging Latrodectus and Brute Ratel C4 malware, targeting financial services through SEO poisoning malvertising campaigns. The g…