Latest Malware news

Xenomorph Android malware now targets U.S. banks and crypto wallets

Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium.
- Bill Toulas
- September 25, 2023
- 11:16 AM
- 0
New stealthy and modular Deadglyph malware used in govt attacks

A novel and sophisticated backdoor malware named 'Deadglyph' was seen used in a cyberespionage attack against a government agency in the Middle East.
- Bill Toulas
- September 23, 2023
- 05:00 PM
- 0
Evasive Gelsemium hackers spotted in attack against Asian govt

A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023.
- Bill Toulas
- September 23, 2023
- 11:09 AM
- 0
‘Sandman’ hackers backdoor telcos with new LuaDream malware

A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.'
- Bill Toulas
- September 21, 2023
- 03:50 PM
- 0
P2PInfect botnet activity surges 600x with stealthier malware variants

The P2PInfect botnet worm is going through a period of highly elevated activity volumes starting in late August and then picking up again in September 2023.
- Bill Toulas
- September 20, 2023
- 06:08 PM
- 0
Free Download Manager releases script to check for Linux malware

The developers of Free Download Manager (FDM) have published a script to check if a Linux device was infected through a recently reported supply chain attack.
- Bill Toulas
- September 20, 2023
- 03:02 PM
- 0
Hackers backdoor telecom providers with new HTTPSnoop malware

New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices.
- Bill Toulas
- September 19, 2023
- 11:14 AM
- 0
APT36 state hackers infect Android devices using YouTube app clones

The APT36 hacking group, aka 'Transparent Tribe,' has been observed using at least three Android apps that mimic YouTube to infect devices with their signature remote access trojan (RAT), 'CapraRAT.'
- Bill Toulas
- September 18, 2023
- 06:06 PM
- 0
Bumblebee malware returns in new attacks abusing WebDAV folders

The malware loader 'Bumblebee' has broken its two-month vacation with a new campaign that employs new distribution techniques that abuse 4shared WebDAV services.
- Bill Toulas
- September 18, 2023
- 12:47 PM
- 0
New SprySOCKS Linux malware used in cyber espionage attacks

A Chinese espionage-focused hacker tracked as 'Earth Lusca' was observed targeting government agencies in multiple countries, using a new Linux backdoor dubbed 'SprySOCKS.'
- Bill Toulas
- September 18, 2023
- 10:05 AM
- 2
New 'MetaStealer' malware targets Intel-based macOS systems

A new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers.
- Bill Toulas
- September 12, 2023
- 05:06 PM
- 0
Free Download Manager site redirected Linux users to malware for years

A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.
- Bill Toulas
- September 12, 2023
- 11:25 AM
- 5
Iranian hackers backdoor 34 orgs with new Sponsor malware

A nation-state threat actor known as 'Charming Kitten' (Phosphorus, TA453, APT35/42) has been observed deploying a previously unknown backdoor malware named 'Sponsor' against 34 companies around the globe.
- Bill Toulas
- September 11, 2023
- 12:19 PM
- 0
Facebook Messenger phishing wave targets 100K business accounts per week

Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware.
- Bill Toulas
- September 11, 2023
- 11:01 AM
- 0
Microsoft Teams phishing attack pushes DarkGate malware

A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.
- Bill Toulas
- September 09, 2023
- 10:50 AM
- 1
US and UK sanction 11 TrickBot and Conti cybercrime gang members

The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations.
- Lawrence Abrams
- September 07, 2023
- 10:27 AM
- 0
Mirai variant infects low-cost Android TV boxes for DDoS attacks

A new Mirai malware botnet variant has been spotted infecting inexpensive Android TV set-top boxes used by millions for media streaming.
- Bill Toulas
- September 06, 2023
- 12:56 PM
- 2
Chaes malware now uses Google Chrome DevTools Protocol to steal data

The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools protocol for direct access to the victim's browser functions, allowing it to steal data using WebSockets.
- Bill Toulas
- September 05, 2023
- 01:01 PM
- 0
GRU hackers attack Ukrainian military with new Android malware

Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, more commonly known as the GRU, have been targeting Android devices in Ukraine with a new malicious framework named 'Infamous Chisel.
- Bill Toulas
- August 31, 2023
- 10:48 AM
- 0
Trojanized Signal and Telegram apps on Google Play delivered spyware

Trojanized Signal and Telegram apps containing the BadBazaar spyware were uploaded onto Google Play and Samsung Galaxy Store by a Chinese APT hacking group known as GREF.
- Bill Toulas
- August 30, 2023
- 11:16 AM
- 0