Category: Malware

DLL Sideloading

Malicious PyPI Packages Bypass Security with DLL Sideloading

In a recent investigation conducted by security specialists from ReversingLabs, two malicious packages were identified within the Python Package Index (PyPI) repository, utilizing the DLL Sideloading technique to circumvent antivirus detection and execute malicious...

Anatsa Trojan

Anatsa Trojan Evades Google Play, Targets New Countries

In November of last year, researchers discovered the expansion of malicious activity by an Android trojan named Anatsa into Slovakia, Slovenia, and the Czech Republic. This expansion is part of a new campaign which,...

19-year-old hacker

Raccoon Infostealer Mastermind Extradited to US

On February 15, it was disclosed that Mark Sokolovsky, a 28-year-old Ukrainian and operator of the malicious software “Raccoon Stealer,” was extradited to the United States from the Netherlands to face upcoming legal proceedings....

Alpha ransomware

Ransomware Reborn: Alpha’s Links to Netwalker Exposed

Experts have uncovered disconcerting connections between the recently emerged Alpha ransomware and the criminal group Netwalker, which was dismantled several years ago. Netwalker operated from October 2019 to January 2021, offering its software to...

MMS Fingerprint

NSO’s “MMS Fingerprint”: Zero-Click Phone Hack?

In the documentation of the current legal battle between WhatsApp and the NSO Group, a firm specializing in espionage software, a hint at a previously unknown method of infection has been revealed. The contract...

GoldPickaxe

GoldFactory Expands GoldPickaxe Malware Operations

Cybercriminals have commenced targeting iPhone owners with malicious software designed to steal 3D facial scans, facilitating unauthorized access to bank accounts. This was disclosed by Group-IB, a cybersecurity firm, which uncovered that a Chinese...

TinyTurla-NG backdoor

Turla APT Deploys New TinyTurla-NG Backdoor

At the close of 2023, specialists at Cisco Talos identified a campaign orchestrated by the Turla APT group, targeting Polish non-governmental organizations. The campaign used a novel backdoor, TinyTurla-NG. A distinctive feature of TinyTurla-NG...

Moobot botnet

Moobot Botnet Takedown: US Disrupts Hacker Operations

In January, United States authorities successfully dismantled a botnet implicated in conducting espionage and cyberattacks against American and international targets. This operation, spearheaded by law enforcement, entailed purging...

Bumblebee malware

Cybersecurity Alert: Bumblebee Malware Resurfaces

After a four-month hiatus, the Bumblebee malware has reemerged, launching extensive phishing campaigns against thousands of organizations within the United States. Bumblebee, a loader discovered in April 2022, is believed to have been developed by...

Zardoor backdoor

“Zardoor” Backdoor Spied on Non-Profit for Years

The Cisco Talos research team uncovered a vast espionage campaign targeted at a non-profit charitable organization in Saudi Arabia. Commencing in March 2021, the campaign employed a previously unknown custom backdoor named Zardoor, which...

Alcatel smartphones malicious programs

PikaBot Returns: Malware Loader Sheds Complexity in New Attacks

Experts at Zscaler ThreatLabz have identified significant modifications in the functionality of the malicious software PikaBot. The new version, labeled 1.18.32, is currently undergoing a development and testing phase, during which the developers have...

Royal Ransomware

Rhysida Ransomware Cracked: Decryption Key Found

Cybersecurity specialists have identified a vulnerability in the implementation of the Rhysida ransomware, which allowed the decryption keys to be recovered and the data locked by the malware to be decrypted. This discovery was...