Nitrogen shelling malware from hacked sites

Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its signature move is using Python and DLL side-loading to connect to the attackers command and control server. In this blog post, we look at a recent Nitrogen campaign and...

Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials

A long-term spear-phishing campaign is targeting employees of major corporations with emails containing PDFs that link to short-lived Glitch apps hosting credential-harvesting SharePoint phishing pages, researchers have found. Researchers from DomainTools discovered the suspicious PDFs – which...

WordPress Sites Abused in Aggah Spear-Phishing Campaign

Threat actors are using compromised WordPress websites to target manufacturers across Asia with a new spear-phishing campaign that delivers the Warzone RAT, a commodity infostealer available widely for purchase on criminal forums, researchers have found. The threat group Aggah, believed to be...

Analysis: Flashback Spread Via Social Engineering, Then Java Exploits

Kaspersky Lab‘s latest analysis of the Mac OS X Flashback botnet reveals that the botnet’s malware was spread via drive-by downloads on hacked WordPress web sites. From September 2011 until February 2012, the Flashback creators distributed the trojan through compromised WordPress sites that...