malware Archives - Page 2 of 57 - Cyber Security Minute

North Korea Debuts ‘SpectralBlur’ Malware Amid macOS Onslaught

Issued by: Dark Reading

The prolific North Korean state-backed threat actor known as TA444 is back with shiny new malware for targeting macOS users, dubbed “SpectralBlur.” The custom tool is the latest in a string of proprietary malware that the advanced persistent threat (APT) group has been consistently generating — a trait that sets it apart from other DPRK-sponsored…

Malware & Threats

Microsoft disables online Windows App Installer after attackers abuse it

Issued by: CSO Online

Microsoft has disabled the App Installer functionality that allowed Windows 10 apps to be installed directly from a web page by clicking on a link that used the ms-appinstaller URI scheme. This functionality has been heavily abused in recent months by different threat actors to deploy ransomware and other malicious implants. “Threat actors have likely…

News

Russian Military Intelligence Blamed for Blitzkrieg Hacks

Issued by: DataBreach Today

Ukrainian cyber defenders report that fast-acting Russian military intelligence hackers have been targeting government agencies as well as organizations in Poland using backdoor malware tied to phishing lures based on a fake letter from the Ukrainian deputy prime minister. The Computer Emergency Response Team of Ukraine on Thursday detailed a spear-phishing campaign that it has…

Malware & Threats

New Rugmi Malware Loader Surges with Hundreds of Daily Detections

Issued by: The Hacker News

A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. “This malware is a loader with three types of components: a downloader…

Mobile Security

Xamalicious Android malware distributed through the Play Store

Issued by: Security Affairs

McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with .NET and C#. Xamalicious relies on social engineering to gain accessibility privileges, then it…

Malware & Threats

Chameleon Android Malware Can Bypass Biometric Security

Issued by: SecurityWeek

Active since early 2023, the malware initially targeted mobile banking applications in Australia and Poland, but has since expanded its reach to the UK and Italy. When initially uncovered, ThreatFabric explains, Chameleon used multiple loggers, had limited malicious functionality, and contained various unused commands, suggesting that it was still under development. Employing a proxy feature…

Malware & Threats

Expert warns of Turtle macOS ransomware

Issued by: Security Affairs

The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…

Malware & Threats

‘Hunters International’ Cyberattackers Take Over Hive Ransomware

Issued by: Dark Reading

The FBI may have successfully disrupted the destructive Hive ransomware operation earlier this year, but the group’s malware code continues to present a threat to organizations everywhere. In October, a security researcher’s analysis of a ransomware used by new group called Hunters International showed substantial code overlaps with Hive ransomware. A subsequent analysis by Bitdefender…

Malware & Threats

North Korea’s BlueNoroff APT Debuts ‘Dumbed Down’ macOS Malware

Issued by: Dark Reading

North Korean state hackers have debuted a fresh Mac malware targeting users in the US and Japan, which researchers characterize as “dumbed down” but effective. An arm of the DPRK’s notorious Lazarus Group, BlueNoroff has been known to raise money for the Kim regime by targeting financial institutions — banks, venture capital firms, cryptocurrency exchanges…

Software Security

‘KandyKorn’ macOS Malware Lures Crypto Engineers

Issued by: Dark Reading

The infamous North Korean advanced persistent threat (APT) group Lazarus has developed a form of macOS malware called “KandyKorn,” which it is using to target blockchain engineers connected to cryptocurrency exchanges. According to a report from Elastic Security Labs, KandyKorn has a full-featured set of capabilities to detect, access, and steal any data from the…