26 matches found
Malicious code in workingitme (PyPI)
Source: kam193 77ec565b572be137d67ece8342d916cb970b501ee390e7250878e27277685fe9 During installation, if run under a specific username, the package downloads and installs two executables identified as backdoors trojans. --- Category:...
MAL-2026-2292 Malicious code in safecheckit (PyPI)
Source: kam193 84f17b127af2c89551ea0059e4741da3fb5158405fbeabf042f7d5d89a098b21 During installation the package downloads and installs two executables identified as backdoors trojans. --- Category: MALICIOUS - The campaign has clearly...
Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches
A cybercrime gang known as Black Cat has been attributed to a search engine optimization (SEO) poisoning campaign that employs fraudulent sites advertising popular software to trick users into downloading a backdoor capable of stealing sensitive data. According to a report published by the National...
Threat Round up for November 11 to 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 11 and Nov. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
5 Linux malware families SMBs should protect themselves against
There’s no shortage of reasons why an SMB might use Linux to run their business: There are plenty of distros to choose from, it’s generally free, and perhaps above all — it’s secure. The common wisdom goes that Linux malware is rare, and for the most part this is true. Thanks to its built-in...
Hiding in plain sight: PhantomLance walks into a market
In July 2019, Dr. Web reported about a backdoor trojan in Google Play, which appeared to be sophisticated and unlike common malware often uploaded for stealing victims' money or displaying ads. So, we conducted an inquiry of our own, discovering a long-term campaign, which we dubbed "PhantomLance...
New Malware Family Uses Custom UDP Protocol for C&C Communications
Security researchers have uncovered a new highly-targeted cyber espionage campaign, which is believed to be associated with a hacking group behind KHRAT backdoor Trojan and has been targeting organizations in South East Asia. According to researchers from Palo Alto, the hacking group, which they...
HIDDEN COBRA Trojan 'Volgmer' Detection
This script tries to detect indicators in the Windows registry for malicious tools used by North Korean APT group SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
NetSarang Xmanager 5 Backdoor Trojan (ShadowPad)
The Xmanager 5, an X server for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor. The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker. (C) Tenable Network Security...
Recently being a hot Word 0day vulnerability has been used for malware spreading and the country attack-vulnerability warning-the black bar safety net
The Microsoft Word 0day vulnerability has been a hot topic recently. In this month's Patch Tuesday, Microsoft finally released a patch for the CVE-2017-0199 vulnerability; the difference from what was previously reported is that this vulnerability also affects Microsoft's own WordPad. According to security firm FireE...
Hacker Who Used Linux Botnet to Send Millions of Spam Emails Pleads Guilty
A Russian man accused of infecting tens of thousands of computer servers worldwide to generate millions in illicit profit has finally entered a guilty plea in the United States and is going to face sentencing in August. Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty in a US federal...
Scarlet Mimic Behind Espionage Campaign Against Tibetan, Uyghur Activists
Researchers believe a single group is responsible for a series of attacks over the years to spy on Tibetan and Uyghur activists. For four years the group has used a cornucopia of spearphishing emails, a watering hole attack, and a backdoor Trojan to carry out espionage. Dubbed Scarlet Mimic, the...
Warning! Invitation for PC Version of 'Grand Theft Auto V' Game infects Computers with Malware
Since all the versions of the popular game ‘Grand Theft’ gone blatant and during the first week of the release of the Grand Theft Auto 4 in 2008, it topped half of millions of dollars, sold 3.6 million copies and generated $310 million in sales i.e., earning about 5 times as much as the blockbust...
Facebook Cancellation Malware Disguised As Adobe Update Making Rounds
Users who receive e-mails that appear to come from Facebook asking if they’d like to cancel their accounts should beware that it’s more than likely an attempt to install malware on their computers. According to reports from ZDNet and Sophos, there’s been a rash of Facebook-centric e-mails making...
Sabpab - Another Mac os Backdoor Trojan Discovered
Security firm Sophos has discovered more malware for the Mac OS X platform called Sabpab. It uses the same Java vulnerability as Flashback to install itself as a "drive-by download." Users of older versions of Java now have still more malware to...
Federal Trojan's Got A "Big Brother"
About two weeks ago, the German Chaos Computer Club (CCC) published an analysis report of a backdoor trojan that they claim had been used by German police during investigations in order to capture VoIP and IM communication on a suspect’s PC. Our friends over at F-Secure published a blog post la...
Microsoft Targets SpyEye Trojan in Latest MSRT Update
The company takes aim at the ubiquitous SpyEye banking trojan with its free Malicious Software Removal Tool (MSRT), saying that the malware is more common than ever, and is being used to grab data from sensitive online sessions. In a blog post on Wednesday on the company’s Malware Protection Center...
BlackHole RAT : Mac OS X backdoor Trojan !
'BlackHole' is the latest remote administration tool (RAT) and is available for both Windows and Mac. A hacktool such as a RAT employs a client-server program that communicates with its victim's machine through its trojan server. The server application is installed on the victim while the client application is...
Update Protection against Recent Malware Threats (4-Oct-09)
The update includes new protections against 20 recent malware threats: Backdoor: Trojan.Win32.StartPage; Rogue-Software: 007 Anti-Spyware; Rogue-Software: Fast Antivirus 2009; Rogue-Software: PC AntiSpyware 2010; Rogue-Software: Personal Antivirus; Rogue-Software: Rogue-Software.AVCare; Rogue-Software: Smart...
Update Protection against Recent Malware Threats (1-Sep-09)
The update includes new protections against 9 recent malware threats: Backdoor-Trojan: Backdoor.Win32.Dreamy.bc; Trickler: Trojan-Dropper.Win32.Agent.aqpn; Trickler: Trojan-Downloader.Win32.Banload.bvk; Trojan: Sus.BancDl-B; Trojan: Trojan-Spy.Win32.VB.btm; Trojan: Trojan-Downloader.Win32.VB.nec; Trojan:...