Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2026/03/13 1:38 p.m.8 views

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network VPN clients distributed through search engine optimization SEO poisoning techniques. "The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/23 10:40 a.m.2 views

Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware

A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct is tracking the malware as PindOS , which contains the name in its "User-Agent" string. Both Bumblebee and IcedID serve as loaders, acting as a vector fo...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/15 1:48 p.m.3 views

Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities

The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi. "Vidar threat actors continue to rotate their backend IP infrastructure, favorin...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/28 12:8 p.m.46 views

IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery

Multiple threat actors have been observed using two new variants of the IcedID malware in the wild with more limited functionality that removes functionality related to online banking fraud. IcedID, also known as BokBot, started off as a banking trojan in 2017. It's also capable of delivering...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/18 9:20 a.m.61 views

Hackers Using Bumblebee Loader to Compromise Active Directory Services

The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. "Bumblebee operators conduct intensive reconnaissance activities and redirect the...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/28 10:39 a.m.42 views

Cybercriminals Using New Malware Loader 'Bumblebee' in the Wild

Cybercriminal actors previously observed delivering BazaLoader and IcedID as part of their malware campaigns are said to have transitioned to a new loader called Bumblebee that's under active development. "Based on the timing of its appearance in the threat landscape and use by multiple...

7.2AI score
Exploits0
Rows per page
Query Builder