HackDig : Dig high-quality web security articles for hackers

Operation Spalax, an ongoing malware campaign targeting Colombian entities

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian entities exclusively. The attacks aimed at government institutions and priva
Publish At:2021-01-14 16:18 | Read:169 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Security hacking n

A week in security (January 4 – January 10)

Last week on Malwarebytes Labs, we released survey results about VPN usage and found that 36 percent of our respondents use it. We also talked about Adobe Flash Player reaching its end of life—meaning, Adobe won’t be supporting the updating and patching of its Flash Player software; covered the ransomware attack against Funke Media Group, one of German
Publish At:2021-01-11 12:42 | Read:140 | Comments:0 | Tags:A week in security Adobe Flash Player APT37 BitCoin Scam Bit

Fake Trump sex video used to spread QNode RAT

Researchers uncovered a malspam campaign that spreads the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait. Security experts from Trustwave uncovered a malspam campaign that is delivering the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as bait. The spam messages use the subject “GOOD LO
Publish At:2021-01-06 13:18 | Read:97 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking hacking news infor

When zombie malware leads to big-money ransomware attacks

By Paul Ducklin. The first thing people want to know when there’s a new ransomware story going around is: How much are the crooks asking for this time? Sadly, that is one question that victims themselves don’t need to ask, because the blackmailers who just attacked them will make jolly sure they know the “price”. In one recent and confron
Publish At:2020-12-17 10:25 | Read:240 | Comments:0 | Tags:Botnet Phishing Ransomware botnet Cybercrime malware ransomw

njRAT RAT operators leverage Pastebin C2 tunnels to avoid detection

Threat actors behind the njRAT Remote Access Trojan (RAT) are leveraging active Pastebin Command and Control Tunnels to avoid detection. Researchers from Palo Alto Networks’ Unit 42 reported that operators behind the njRAT Remote Access Trojan (RAT), aka Bladabindi, are leveraging Pastebin Command and Control tunnels to avoid detection. “I
Publish At:2020-12-10 13:54 | Read:152 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking hacking news infor

Malicious npm packages spotted delivering njRAT Trojan

npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers’ computers. Security staff behind the npm repository removed two packages that were found containing the malicious code to install the njRAT remote access trojan (RAT) on computers of JavaScript and Node.js developers w
Publish At:2020-12-01 19:18 | Read:260 | Comments:0 | Tags:Breaking News Hacking Malware hacking news information secur

Phishers spoof reliable cybersecurity training company to garner clicks

“It happens to the best of us.” And, indeed, no adage is better suited to a phishing campaign that recently made headlines. Fraudsters used the brand, KnowBe4—a trusted cybersecurity company that offers security awareness training for organizations—to gain recipients’ trust, their Microsoft Outlook credentials, and other personally identifi
Publish At:2020-09-30 12:27 | Read:617 | Comments:0 | Tags:Scams Cofense cybersecurity training KnowBe4 phishing phishi

RATicate malware gang goes commercial

By Paul Ducklin. Two months ago, we wrote about a malware gang that we dubbed RATicate. These criminals have been actively disseminating a range of remote access Trojans – thus the letters RAT in their nickname – aimed at giving them almost complete control over infected computers, all from a distance. As we explained earlier in the year, the jargon t
Publish At:2020-07-14 10:42 | Read:556 | Comments:0 | Tags:Malware SophosLabs bots malware RAT RATicate sophoslabs zomb

New LNK attack tied to Higaisa APT discovered

This post was authored by Hossein Jazi and Jérôme Segura. On May 29th, we identified an attack that we believe is part of a new campaign from an Advanced Persistent Threat actor known as Higaisa. The Higaisa APT is believed to be tied to the Korean peninsula, and was first disclosed by Tencent Security Threat Intelligence Center in early 2019. The grou
Publish At:2020-06-04 12:55 | Read:929 | Comments:0 | Tags:Malware Threat analysis APT Higaisa korea LNK PlugX rat

New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app

This blog post was authored by Hossein Jazi, Thomas Reed and Jérôme Segura. We recently identified what we believe is a new variant of the Dacls Remote Access Trojan (RAT) associated with North Korea’s Lazarus group, designed specifically for the Mac operating system. Dacls is a RAT that was discovered by Qihoo 360 NetLab in December 2019 as a fu
Publish At:2020-05-18 13:43 | Read:953 | Comments:0 | Tags:Mac Malware Threat analysis APT Dacls Lazarus mac malware ra

New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability

By Gabrielle Joyce Mabutas, with additional insights/analysis from Kazuki Fujisawa. A one-time password (OTP) system involves the use of a generated password that can only be used once to log in and access specific online services. Often managed by a third-party provider, this rolling password system aims to reduce unauthorized intrusions to systems via compro
Publish At:2020-05-18 12:48 | Read:713 | Comments:0 | Tags:Mac backdoor Lazarus RAT

WebMonitor RAT Bundled with Zoom Installer

By Raphael Centeno, Mc Justine De Guzman, and Augusto Remillano II. The coronavirus pandemic has highlighted the usefulness of communication apps for work-from-home (WFH) setups. However, like they always do, cybercriminals are expected to exploit popular trends and user behavior. We have witnessed threats against several messaging apps including Zoom. In ear
Publish At:2020-05-03 06:08 | Read:1223 | Comments:0 | Tags:Malware RAT WebMonitor Zoom

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. LimeRAT is a powerful Remote Administration Tool publicly available as
Publish At:2020-04-01 04:01 | Read:1149 | Comments:0 | Tags:Breaking News Cyber Crime Malware hacking news information s

Fake “Corona Antivirus” distributes BlackNET remote administration tool

Scammers and malware authors are taking advantage of the coronavirus crisis in full swing. We have seen a number of spam campaigns using COVID-19 as a lure to trick people into installing a variety of malware, but especially data stealers. As more of us work from home, the need to secure your computer, especially if you are connecting to your company’
Publish At:2020-03-23 17:03 | Read:1233 | Comments:0 | Tags:Social engineering Threat analysis antivirus botnet coronavi

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

Since the coronavirus became a worldwide health issue, the desire for more information and guidance from government and health authorities has reached a fever pitch. This is a golden opportunity for threat actors to capitalize on fear, spread misinformation, and generate mass hysteria—all while compromising victims with scams or malware campaigns. Profiti
Publish At:2020-03-16 14:22 | Read:1447 | Comments:0 | Tags:Threat analysis APT APT36 coronavirus coronavirus malware co

