Category: Malware

AgentTesla malware

Fileless Attack: AgentTesla Strikes with .NET Injection

In a recent campaign involving the dissemination of the AgentTesla malware, as meticulously analyzed by experts at SonicWall, perpetrators employed VBA macros in Word documents to conduct a fileless injection attack, where the malicious...

PlugX worm

2.5 Million Infected: PlugX Malware Network Revealed

Researchers from Sekoia have revealed alarming details about the malicious worm PlugX, which, having been abandoned by its creators many years ago, continues to autonomously spread and infect millions of computers worldwide. PlugX, believed...

Brokewell

Fake Chrome Update Hides Android Brokewell Spyware

ThreatFabric has identified a new malicious application named Brokewell, capable of recording every action on a device, from keystrokes to text input and application launches. The Trojan is distributed through a counterfeit Google Chrome...

GuptiMiner

eScan Update Delivers Backdoors & Cryptominers

North Korean hackers exploited the eScan antivirus update mechanism to embed backdoors into corporate networks and disseminate cryptocurrency miners using the malicious software, GuptiMiner. Cybersecurity firm Avast reports that the perpetrators conducted an adversary-in-the-middle...

malicious package Discord

PyPI Package Exposed: Fortinet Warns of Discord Data Theft

Cybersecurity experts from Fortinet have identified a new malicious package in the PyPI registry for developers, aimed at stealing user data from Discord. The package, named “discordpy_bypass-1.7,” was published on March 10, 2024, and...

Akira Ransomware

Cybercrime Trend: Fewer Firms Pay Ransoms

In the first quarter of 2024, the percentage of companies that agreed to pay ransoms to cybercriminals reached a record low of 28%. This statistic was provided by Coveware, a firm specializing in cybersecurity....

Junk gun ransomware

Ransomware for Sale: Your Data Held Hostage

From June 2023 to February 2024, specialists from Sophos’s cyber intelligence division identified 19 different types of ransomware being offered for sale on four dark web forums for relatively modest sums, ranging from $20...

Spy Pet

Discord Messages for Sale: Spy Pet Raises Alarms

A service called Spy Pet has raised alarms among Discord users by offering archival and activity tracking services on the platform for a nominal fee of $5. Spy Pet enables third parties, potentially including...

SoumniBot

SoumniBot: Android Malware with Evasive Tactics

A new type of banking malware for Android, named “SoumniBot,” employs an unconventional obfuscation method that leverages vulnerabilities in the process of extracting and analyzing the Android manifest. This allows it to circumvent standard...