Latest Malware news

QNAP VioStor NVR vulnerability actively exploited by malware botnet

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm.
- Bill Toulas
- December 16, 2023
- 11:17 AM
- 0
New NKAbuse malware abuses NKN blockchain for stealthy comms

A new Go-based multi-platform malware identified as 'NKAbuse' is the first malware abusing NKN (New Kind of Network) technology for data exchange, making it a stealthy threat.
- Bill Toulas
- December 14, 2023
- 05:15 PM
- 0
Ten new Android banking trojans targeted 985 bank apps in 2023

This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries.
- Bill Toulas
- December 14, 2023
- 02:40 PM
- 0
Cold storage giant Americold discloses data breach after April malware attack

Cold storage and logistics giant Americold has confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware.
- Sergiu Gatlan
- December 11, 2023
- 12:50 PM
- 0
Krasue RAT malware hides on Linux servers using embedded rootkits

Security researchers discovered a remote access trojan they named Krasue that is targeting Linux systems of telecommunications companies and managed to remain undetected since 2021.
- Bill Toulas
- December 07, 2023
- 01:00 AM
- 0
SpyLoan Android malware on Google Play downloaded 12 million times

More than a dozen malicious loan apps, which are generically named SpyLoan, have been downloaded more than 12 million times this year from Google Play but the count is much larger since they are also available on third-party stores and suspicious websites.
- Bill Toulas
- December 05, 2023
- 09:27 AM
- 0
Stealthier version of P2Pinfect malware targets MIPS devices

The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS (Microprocessor without Interlocked Pipelined Stages) processors, such as routers and IoT devices.
- Bill Toulas
- December 04, 2023
- 04:10 PM
- 0
TrickBot malware dev pleads guilty, faces 35 years in prison

On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware, which was used in attacks against hospitals, companies, and individuals in the United States and worldwide.
- Sergiu Gatlan
- December 01, 2023
- 04:51 PM
- 0
Hackers use new Agent Raccoon malware to backdoor US targets

A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa.
- Bill Toulas
- December 01, 2023
- 02:15 PM
- 0
FjordPhantom Android malware uses virtualization to evade detection

A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection.
- Bill Toulas
- November 30, 2023
- 09:00 AM
- 0
New Rust-based SysJoker backdoor linked to Hamas hackers

A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language.
- Bill Toulas
- November 26, 2023
- 10:09 AM
- 0
Atomic Stealer malware strikes macOS via fake browser updates

The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware.
- Bill Toulas
- November 25, 2023
- 10:11 AM
- 0
Microsoft: Lazarus hackers breach CyberLink in supply chain attack

Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.
- Sergiu Gatlan
- November 22, 2023
- 01:06 PM
- 0
Malware dev says they can revive expired Google auth cookies

The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
- Bill Toulas
- November 21, 2023
- 02:29 PM
- 0
DarkGate and Pikabot malware emerge as Qakbot’s successors

A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
- Bill Toulas
- November 21, 2023
- 10:55 AM
- 0
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine

A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
- Bill Toulas
- November 20, 2023
- 05:32 PM
- 0
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
- Bill Toulas
- November 20, 2023
- 11:54 AM
- 0
Lumma Stealer malware now uses trigonometry to evade detection

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.
- Bill Toulas
- November 20, 2023
- 09:40 AM
- 1
MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet

MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals.
- Bill Toulas
- November 16, 2023
- 03:11 PM
- 0
IPStorm botnet with 23,000 proxies for malicious traffic dismantled

The U.S. Department of Justive announced today that Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm.
- Bill Toulas
- November 14, 2023
- 07:05 PM
- 0