Bleeping Computer
Atomic Stealer malware strikes macOS via fake browser updates
The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware.
The Hacker News
ClearFake Campaign Expands to Deliver Atomic Stealer on Mac Systems
macOS users beware! Atomic Stealer, a $1,000/month malware, is now spreading through deceptive web browser updates via ClearFake.
Bleeping Computer
Lumma malware can allegedly restore expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
Bleeping Computer
Malware dev says they can revive expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
Infosecurity News
Infostealer Lumma Evolves With New Anti-Sandbox Method
Outpost24 explained the technique relies on trigonometry to discern genuine human behavior
Bleeping Computer
Lumma Stealer malware now uses trigonometry to evade detection
The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.
The Hacker News
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
New LummaC2 malware uses trigonometry-based tactic to differentiate between users and security systems, evading sandboxes and security analyses.
The Hacker News
New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
Jupyter Infostealer is back with stealthy changes. Cyber attackers use manipulated SEO tactics to trick users into downloading malware.
Cyber Security News
Hackers Infect Windows Users with Weaponized MSIX App Packages
MSIX packages can be distributed & installed without administrative privileges, allowing malicious software to traditional security controls.
CSO
New malware campaign uses MSIX packages to infect Windows PCs
The Ghostpulse loader, injected through MSIX packages, is a stealthy dropper that avoids detection by the victim’s scanners.
The Hacker News
Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware
Cyber criminals are using fake MSIX Windows app packages of popular software to deliver GHOSTPULSE malware loader
DarkReading
‘Etherhiding’ Blockchain Technique Hides Malware in WordPress Sites
The ClearFake campaign uses fake browser updates to lure victims and spread RedLine, Amadey, and Lumma stealers.
Cyber Security News
EtherHiding: A Novel Technique to Hide Malicious Code Using Binance's Smart Chain
“EtherHiding” which abuses Binance's Smart Chain (BSC) contracts to host parts of a malicious code chain to hide them inside the blockchain.
The Hacker News
Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign
Malicious actors are using Binance's Smart Chain (BSC) contracts to host malicious code and serve it on compromised WordPress
Trend Micro
Beware Lumma Stealer Distributed via Discord CDN
This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.
The Hacker News
ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
Ever heard of an IP address in hexadecimal notation? It's the latest disguise hackers use to deploy DDoS malware on Linux systems.
Cyber Security News
New Android Banking Malware Pose as Government App to Target Users
In the cybercrime landscape, researchers at Securelist have also reported on new Lumma stealer and Zanubis Android banking malware versions.
The Hacker News
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Cybercriminals are currently employing ASMCrypt, an advanced iteration of DoubleFinger, to evade detection by security tools.
The Hacker News
Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites
Using Bing Chat? Stay alert! Researchers reveal malicious ads lurking in Bing's AI chatbot, leading users to install malware unknowingly.
Infosecurity News
Android Banking Trojan Zanubis Evolves to Target Peruvian Users
The Trojan utilizes the Obfuscapk obfuscator for Android APK files, Kaspersky explained
The Hacker News
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
⚠️ Beware of ZenRAT! This new modular malware strain targets Windows users through trojanized Bitwarden installers.
The Hacker News
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
A new variant of the Xenomorph Banking Trojan has been uncovered, targeting 35+ U.S. financial institutions.
Cyber Security News
Hackers Use New .NET Loader Malware to Deliver Wide Range of Payloads
An unrecorded .NET Loader was identified during routine threat hunting that downloads, decrypts, and executes a malicious payloads.
The Hacker News
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
BlackCat ransomware now spreading via malvertising! Watch out for rogue installers disguised as legitimate apps like WinSCP.
The Hacker News
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
A new report has revealed the advanced techniques used by threat actors to deliver the Aurora information stealer malware through the in2al5d p3in4er
The Hacker News
CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users
New CryptoClippy malware steals cryptocurrency by replacing wallet addresses during transactions.
CSO
Russian hacktivists deploy new AresLoader malware via decoy installers
The new malware loader can give attackers remote access and the ability to deliver other payloads.
The Hacker News
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising
A fake ChatGPT Chrome browser extension has been found to hijack Facebook accounts and create rogue admin accounts.
The Hacker News
Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware
Threat actors have been using AI-generated YouTube Videos to spread stealer malware such as Raccoon, RedLine, and Vidar.
The Record
Hackers use ChatGPT phishing websites to infect users with malware
Cyble says cybercriminals are setting up phishing websites that mimic the branding of ChatGPT, an AI tool that has exploded in popularity.
Infosecurity News
Phishing Sites Use ChatGPT as Lure
Fake pages designed to steal credit card information and install malware
Bleeping Computer
Hackers use fake ChatGPT apps to push Windows, Android malware
Threat actors are actively exploiting the popularity of OpenAI's ChatGPT AI tool to distribute Windows malware, infect Android devices with spyware, or direct unsuspecting victims to phishing pages.