HackDig : Dig high-quality web security articles for hackers

Chinese tax software bundled with GoldenSpy backdoor targets western companies

A new malware dubbed GoldenSpy is being distributed embedded in tax payment software that some businesses operating in China are required to install. GoldenSpy is a new backdoor that is being distributed embedded in tax payment software (the Aisino Intelligent tax software) that some businesses operating in China are required to install. The c
Publish At:2020-06-29 07:08 | Read:105 | Comments:0 | Tags:Breaking News Hacking Malware backdoor China GoldenSpy backd

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions
Publish At:2020-06-18 16:19 | Read:181 | Comments:0 | Tags:APT Breaking News Hacking Malware backdoor Gamaredon hacking

BazarBackdoor: A new gateway to corporate systems

In mid-March, the number of brute force attacks on RDP connections skyrocketed. The aim of these attacks was to take advantage of the sudden increase in remote workers and take over their corporate computers. Exploiting the current COVID-19 pandemic in this way is just one of the many techniques that cybercriminals have for gaining access to companies’
Publish At:2020-06-01 09:29 | Read:204 | Comments:0 | Tags:Business Malware advanced cybersecurity b2b backdoor spear p

New Turla ComRAT backdoor uses Gmail for Command and Control

Researchers uncovered a new advanced variant of Turla’s ComRAT backdoor that leverages Gmail’s web interface as C2 infrastructure. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ, which is a malware that was employed in past campaigns attributed to the Turla APT group. Earlier versions of A
Publish At:2020-05-26 12:23 | Read:214 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware backdoor hacking new

Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

By Raphael Centeno and Llallum Victoria With additional insights from Bren Matthew Ebriega Cybercriminals are taking advantage of “the new normal” — involving employees’ remote working conditions and the popularity of user-friendly online tools — by abusing and spoofing popular legitimate applications to infect systems with malicious routines. We found two m
Publish At:2020-05-24 07:47 | Read:184 | Comments:0 | Tags:Bad Sites Botnets Malware application backdoor botnet Devil

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited.  Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we’ve decided to republish the following blog outlining our stance on the subject. Originally published
Publish At:2020-05-24 07:20 | Read:236 | Comments:0 | Tags:Government Privacy Security world backdoor Department of Jus

New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability

By Gabrielle Joyce Mabutas With additional insights/analysis from Kazuki Fujisawa A one-time password (OTP) system involves the use of a generated password that can only be used once to log in and access specific online services. Often managed by a third-party provider, this rolling password system aims to reduce unauthorized intrusions to systems via compro
Publish At:2020-05-18 12:48 | Read:175 | Comments:0 | Tags:Mac backdoor Lazarus RAT

Naikon’s Aria

Our colleagues at Checkpoint put together a fine research writeup on some Naikon resources and activity related to “aria-body” that we detected in 2017 and similarly reported in 2018. To supplement their research findings, we are summarizing and publishing portions of the findings reported in our June 2018 “Naikon’s New AR Backdoor De
Publish At:2020-05-18 12:12 | Read:218 | Comments:0 | Tags:APT reports Featured APT Backdoor Cyber espionage Malware Te

Hiding in plain sight: PhantomLance walks into a market

In July 2019, Dr. Web reported about a backdoor trojan in Google Play, which appeared to be sophisticated and unlike common malware often uploaded for stealing victims’ money or displaying ads. So, we conducted an inquiry of our own, discovering a long-term campaign, which we dubbed “PhantomLance”, its earliest registered domain dating back
Publish At:2020-05-03 08:09 | Read:289 | Comments:0 | Tags:APT reports Featured Apple MacOS APT Backdoor Google Android

APT trends report Q1 2020

For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They a
Publish At:2020-05-03 08:09 | Read:275 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Chinese-speaking

Experts uncovered hidden behavior in thousands of Android Apps

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Researchers from The Ohio State University, New York University, and CISPA Helmholtz Center for Information Security analyzed thousands of mobile applications for Android and discovered dangerous behavior, including backdoors and blacklists.
Publish At:2020-04-05 14:48 | Read:649 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Mobile Android bac

Loncom packer: from backdoors to Cobalt Strike

The previous story described an unusual way of distributing malware under disguise of an update for an expired security certificate. After the story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the campaign was packed with the same packer, which we named Trojan-
Publish At:2020-04-02 06:58 | Read:558 | Comments:0 | Tags:Featured Malware descriptions Backdoor Malware Descriptions

Holy water: ongoing targeted water-holing attack in Asia

On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious and ethnic group. The threat actor’s unsophisticated but creative toolset has been evolving a lot s
Publish At:2020-03-31 08:22 | Read:359 | Comments:0 | Tags:APT reports Featured Adobe Flash Backdoor drive-by attack Ja

iOS exploit chain deploys LightSpy feature-rich malware

A watering hole was discovered on January 10, 2020 utilizing a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy. The site appears to have been designed to target users in Hong Kong based on the content of the landing page. Since the initial activity, we released two private reports exhaustively detailing spread, exploits, infrast
Publish At:2020-03-26 14:33 | Read:568 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Google Android I

Malware campaign employs fake security certificate updates

Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. Security experts from Kaspersky Lab discovered spotted a new attack technique used by crooks to distribute malware by tricking victims into installing a malicious “security certificate update” when th
Publish At:2020-03-05 16:25 | Read:543 | Comments:0 | Tags:Breaking News Cyber Crime Malware backdoor Hacking informati


Share high-quality web security related articles with you:)