Tag: Node.js Malware

Iranian Seedworm Group Infiltrates South Korean Tech Titan in Global Espionage Surge
The Iranian threat collective Seedworm maintained a clandestine presence within the infrastructure of a prominent South Korean electronics manufacturer for nearly a week. During this tenure, the adversaries systematically harvested telemetry, purloined credentials, and exfiltrated sensitive files via a ubiquitous document-sharing platform utilized by millions globally. The campaign afflicted at least nine organizations across nine…

The Spectral Proxy: How the RoadK1ll Malware Uses WebSockets to Vanish into Your Network
An imperceptible presence within a network remains the paramount trump card of digital malefactors, and a nascent discovery by the savants at Blackpoint illuminates the profound sophistication these instruments are attaining. A venomous module christened “RoadK1ll” empowers assailants not merely to entrench themselves within an architecture, but to soundlessly broaden their dominion to auxiliary nodes,…

Vectored Overloading: New “Ghost Network” Hijacks YouTube to Deploy Stealthy GachiLoader
Check Point researchers have uncovered a new campaign known as the YouTube Ghost Network, a web of hijacked YouTube accounts used to distribute malware disguised as game cheats and pirated software. At the heart of the operation is an unusual Node.js-based loader and a previously undocumented Windows injection technique that allows malicious code to masquerade…