HackDig : Dig high-quality web security articles for hackers

xHelper: Android Trojan disguised as cleaning app on smartphones

An Android theft malware disguised as a cleanup application “xHelper” has spread to tens of thousands of smartphones with Google operating systems. Although the application has been around for about a year, security experts are now issuing a new warning. This is because it has proven to be very difficult to locate the malware and it is very costl
Publish At:2020-05-24 08:27 | Read:119 | Comments:0 | Tags:Business Malware News b2b Germany Trojan

IT threat evolution Q1 2020

Targeted attacks and malware campaigns Operation AppleJeus: the sequel In 2018, we published a report on Operation AppleJeus, one of the more notable campaigns of the threat actor Lazarus, currently one of the most active and prolific APT groups. One notable feature of this campaign was that it marked the first time Lazarus had targeted macOS targets, with t
Publish At:2020-05-24 07:11 | Read:81 | Comments:0 | Tags:Featured Malware reports Apple iOS Apple MacOS APT Data leak

Refocusing Cybersecurity Best Practices on Security Hygiene

While organizations around the world are rightly focused on the COVID-19 pandemic, the work of cybersecurity must continue. In fact, attackers often increase their efforts to breach networks and systems during times of trouble, counting on the chaos as a useful distraction. In such times, the best cybersecurity practices should actually refocus on the most b
Publish At:2020-05-24 06:18 | Read:109 | Comments:0 | Tags:CISO Antivirus Chief Information Security Officer (CISO) Cyb

QNodeService: Node.js Trojan Spread via Covid-19 Lure

Insights and Analysis by Matthew Stewart We recently noticed a Twitter post by MalwareHunterTeam that showed a Java downloader with a low detection rate. Its name, “Company PLP_Tax relief due to Covid-19 outbreak CI+PL.jar”, suggests it may have been used in a Covid-19-themed phishing campaign. Running this file led to the download of a new, undetected malwa
Publish At:2020-05-18 12:48 | Read:110 | Comments:0 | Tags:Malware Node.js QNodeService Trojan

Cyberthreats on lockdown

Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc. As we monitor the increase, or decrease, in the number of certain threats, we do not usually associate these changes with concurrent world events – unless these events have a direct relation to the cyberthreats, that
Publish At:2020-05-18 12:12 | Read:160 | Comments:0 | Tags:Research Credentials theft Cybercrime Phishing websites Rans

Trojans instead of holidays in Germany

Spam emails are currently being sent to citizens throughout Germany, supposedly from the Federal Ministry of Health. In these e-mails, the recipient is asked to view the modified application form for “family and sick leave”. The form is attached to the e-mail as a Word document. However, this file contains malware that loads the Trojan Trickbot,
Publish At:2020-05-03 10:16 | Read:339 | Comments:0 | Tags:Business Malware b2b Germany Phishing Trojan

TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam

IBM X-Force monitors billions of spam emails a year, mapping trending, malicious campaigns and their origins. Recent analysis from our spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor (DoL). The spam leverages the Family and Medical Leave Act (FMLA), w
Publish At:2020-05-03 08:13 | Read:336 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Cybercrime Fraud

APT trends report Q1 2020

For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They a
Publish At:2020-05-03 08:09 | Read:227 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Chinese-speaking

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force research recently analyzed a new Android banking Trojan that appears to be targeting users in countries that speak Spanish or Portuguese, namely Spain, Portugal, Brazil and other parts of Latin America. This Trojan, which was created atop an existing, simpler SMSstealer.BR, was supplemented with more elaborate overlay capabilities. That portion o
Publish At:2020-04-21 06:45 | Read:446 | Comments:0 | Tags:Malware Mobile Security Android Android Malware Banking Malw

TA505 Continues to Infect Networks With SDBbot RAT

IBM X-Force Incident Response and Intelligence Services (IRIS) responds to security incidents around the globe. During analysis and comparison of malicious activity on enterprise networks, our team identified attacks likely linked to Hive0065, also known as TA505. We observed that Hive0065 continues to spread the SDBbot remote-access Trojan (RAT) alongside o
Publish At:2020-04-14 12:36 | Read:457 | Comments:0 | Tags:Advanced Threats Incident Response Command-and-Control (C&C)

Grandoreiro Malware Now Targeting Banks in Spain

During the past few months, IBM X-Force researchers have noticed a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise in campaigns prompted us to look into it further. Grandoreiro, a remote-overlay banking Trojan, has migrated to Spain without significant modification, proving that attackers
Publish At:2020-04-13 10:30 | Read:350 | Comments:0 | Tags:Malware Threat Research Banking Banking Malware Banking Troj

ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework

The past two years have borne witness to the increasing collaboration between organized cybercrime groups to avoid duplication of efforts and maximize profits. Although this collaboration has primarily occurred between gangs developing and distributing well-known banking Trojans, such as Emotet, TrickBot and IcedID, it does not stop there. In a new and dange
Publish At:2020-04-07 08:25 | Read:446 | Comments:0 | Tags:Advanced Threats Threat Intelligence Banking Trojan Collabor

Breaking the Ice: A Deep Dive Into the IcedID Banking Trojan’s New Major Version Release

The IcedID banking Trojan was discovered by IBM X-Force researchers in 2017. At that time, it targeted banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites, mainly in the U.S. IcedID has since continued to evolve, and while one of its more recent versions became active in late-2019, X-Force researchers have identifi
Publish At:2020-04-01 07:12 | Read:422 | Comments:0 | Tags:Fraud Protection Malware Threat Research Banking Malware Ban

Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy

The recent months have created a new reality in the world as the novel Coronavirus pandemic spread from country to country raising concerns among people everywhere. With spammers and malware distributors already being accustomed to riding trending news, the COVID-19 theme has been exploited thoroughly by a large variety of spam and malspam campaigns. It appe
Publish At:2020-03-30 02:05 | Read:383 | Comments:0 | Tags:Malware Threat Intelligence Banking Malware Banking Trojan C

WildPressure, a new APT group targets the Middle East’s industrial sector

Security experts from Kaspersky Lab have uncovered the activity of a new threat actor, tracked as WildPressure, targeting the industrial sector in the Middle East. WildPressure was spotted for the first time in August 2019, when researchers detected never-before-seen malware that has no similarities with other samples analyzed by the experts.
Publish At:2020-03-24 18:55 | Read:357 | Comments:0 | Tags:APT Breaking News Hacking Malware information security news
