Lucene search
K

89 matches found

The Hacker News
The Hacker News
added 2024/05/24 12:50 p.m.17 views

Beware: These Fake Antivirus Sites Spreading Android and Windows Malware

Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which lo...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/06 2:9 p.m.58 views

Beware: Fake Facebook Job Ads Spreading 'Ov3r_Stealer' to Steal Crypto and Credentials

Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3rStealer. "This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat...

8.8CVSS9.4AI score0.88196EPSS
Exploits2
The Hacker News
The Hacker News
added 2023/11/24 10:31 a.m.51 views

Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel

Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel amid the ongoing war in the region. "Among the most prominent changes is the shift to Rust language,...

7.9AI score
Exploits0
OSV
OSV
added 2023/11/20 12:0 p.m.5 views

RUSTSEC-2023-0117 `tauri-winrt-notifications` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user gabielle55131 to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer...

5.9AI score
Exploits0References2
RustSec
RustSec
added 2023/11/18 12:0 p.m.3 views

`hann-rs-service` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user TerryDavisSoldier to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longe...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/18 12:0 p.m.3 views

`windowsservice` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user TerryDavisSoldier to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longe...

5.9AI score
Exploits0
OSV
OSV
added 2023/11/15 12:0 p.m.5 views

RUSTSEC-2023-0121 `libusb1-main` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0References2
OSV
OSV
added 2023/11/15 12:0 p.m.4 views

RUSTSEC-2023-0118 `win_run_rs` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0References2
RustSec
RustSec
added 2023/11/15 12:0 p.m.7 views

`winx-rs` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/15 12:0 p.m.6 views

`win_run_rs` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/10 12:22 p.m.3 views

New TOITOIN Banking Trojan Targeting Latin American Businesses

Businesses operating in the Latin American LATAM region are the target of a new Windows-based banking trojan called TOITOIN since May 2023. "This sophisticated campaign employs a trojan that follows a multi-staged infection chain, utilizing specially crafted modules throughout each stage," Zscale...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/29 4:48 a.m.4 views

Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive data from infected hosts. Fortinet FortiGuard Labs, which made the discovery, said it found the malware in an executable that masqueraded as a PDF fil...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/27 3:56 p.m.34 views

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/27 3:56 p.m.2 views

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/27 1:42 p.m.3 views

Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan

A little-known Russian-speaking cyber-espionage group has been linked to a new politically-motivated surveillance campaign targeting high-ranking government officials, telecom services, and public service infrastructures in Tajikistan. The intrusion set, dubbed Paperbug by Swiss cybersecurity...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/10 12:54 p.m.1 views

Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/27 4:45 p.m.24 views

Fake Proof-of-Concepts used to lure security professionals

Researchers from the Leiden University published a paper detailing how cybercriminals are using fake Proof-of-Concepts PoCs to install malware on researchers' systems. The researchers found these fake PoCs on a platform where security professionals would usually expect to find them--the public co...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/17 6:20 a.m.57 views

North Korea Hackers Spotted Targeting Job Seekers with macOS Malware

The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. Slovak cybersecurity firm ESET linked it to a campaign dubbed "Operation Interception" that was first disclosed in June 2020 and involved using...

6.8AI score
Exploits0
Snyk
Snyk
added 2022/08/15 1:54 p.m.2 views

Malicious Package

Overview pippytests is a malicious package. This is one of 12 malicious packages created by the same actor and discovered by Snyk. It downloads and executes malicious exe files containing malicious code that attempts to steal information from Google Chrome, tokens from Discord, and Injects a...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2022/08/15 1:54 p.m.2 views

Malicious Package

Overview rblxtools is a malicious package. This is one of 12 malicious packages created by the same actor and discovered by Snyk. It downloads and executes malicious exe files containing malicious code that attempts to steal information from Google Chrome, tokens from Discord, and Injects a Disco...

9.8CVSS7AI score
Exploits0References2
Rows per page
Query Builder