Since September 2021, up to 85 command-and-control (C2) servers have been identified as being used by the ShadowPad malware. Along with infrastructure being founded…
Malware
Ukrainian hacker charged by the US for involvement in the Raccoon Stealer Malware Service
An American court has filed charges against a 26-year-old Ukrainian national for his alleged involvement in the Raccoon Stealer malware-as-a-service (MaaS) enterprise. On March…
Cybercriminals Use Two PoS Malware to Steal Over 167,000 Credit Cards
A threat actor has used two point-of-sale (PoS) malware variants to collect details about more than 167,000 credit cards from payment terminals. Cybercriminals use…
New PHP Malware Disseminated Through Cracked Microsoft Office Apps, Telegram, and Other Methods
The Zscaler ThreatLabz research team discovered a PHP (malware) version of the ‘Ducktail’ Infostealer distributed as a cracked application installer for a variety of…
Organizations in Poland and Ukraine are affected by the new “Prestige” malware.
The Microsoft Threat Intelligence Center (MSTIC) has found evidence of a fresh ransomware campaign using a hitherto unnamed ransomware payload that targets businesses in…
Hacking group POLONIUM uses ‘Creepy’ malware against Israel
Security experts have discovered previously unknown Creepy malware employed by threat actors that appear to target Israeli firms only, members of…
New LilithBot malware is being offered as a service to cybercriminals by Eternity Group hackers.
LilithBot malware has been connected to the threat actor responsible for the malware-as-a-service (MaaS) named Eternity. Researchers Shatak Jain and Aditya Sharma from Zscaler…
Findings of New Malware Families Aimed at VMware ESXi Hypervisors
Threat actors have been found deploying never-before-seen post-compromise implants in VMware’s virtualization software. The implants allow them to take control…
Hackers from Brazil’s Prilex Group Resurface with Advanced Point-of-Sale Malware
After a year-long operational sabbatical, the Brazilian threat actor Prilex has returned with sophisticated and intricate point-of-sale malware to steal money through fraudulent transactions.…
The new campaign uses government, union-themed lures to deliver Cobalt Strike beacons
Cisco Talos found a malicious campaign using a modularized attack method to distribute Cobalt Strike beacons on compromised endpoints. The initial attack vector is…