22 matches found
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
Cyber threats don't show up one at a time anymore. They're layered, planned, and often stay hidden until it's too late. For cybersecurity teams, the key isn't just reacting to alerts—it's spotting early signs of trouble before they become real threats. This update is designed to deliver clear,...
Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers
Operation Endgame takes down DanaBot malware network; 300 servers neutralized, €21.2M in crypto seized, 16 charged, 20 international warrants...
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
The U.S. Department of Justice DoJ on Thursday announced the disruption of the online infrastructure associated with DanaBotaka DanaTools and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a...
Oops: DanaBot Malware Devs Infected Their Own PCs
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and...
Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware
Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster, orchestrated by Russian-speaking cybercriminals and collectively codenamed Tusk, is said to encompass...
DanaBot Stealer: Multistage MaaS Malware Resurfaces
Summary: DanaBot is a covert malware designed for the discreet theft of sensitive data for financial gain. Unlike ransomware, its focus is on prolonged persistence rather than immediate disruption. Functioning as a malware-as-a-service MaaS platform, DanaBot is versatile, targeting individuals,...
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to "hands-on-keyboard activity by ransomware operator Storm-0216 Twisted Spider, UNC2198, culminating in the deployment of...
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising campaign that targets other utilities like...
HijackLoader a Deceptive Modular Malware Loader
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new malware loader, HijackLoader, is swiftly gaining prominence within the cybercriminal sphere, being leveraged to disseminate an array of malicious malware strains, including DanaBot, SystemBC, and...
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection a...
IT threat evolution in Q1 2023. Non-mobile statistics
IT threat evolution in Q1 2023 IT threat evolution in Q1 2023. Non-mobile statistics IT threat evolution in Q1 2023. Mobile statistics These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly...
FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Operation
A joint international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which...
Researchers Find Link b/w PrivateLoader and Ruzki Pay-Per-Install Services
Cybersecurity researchers have exposed new connections between a widely used pay-per-install PPI malware service known as PrivateLoader and another PPI platform offered by a cybercriminal actor dubbed ruzki. "The threat actor ruzki aka les0k, zhigalsz advertises their PPI service on underground...
DDoS attacks in Q1 2022
News overview The DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of...
This malware hides behind free VPN, pirated security software keys
By Waqas The New Version of DanaBot is now found in pirated software keys including ones offering free VPN, anti-virus software and pirated games, etc. This is a post from HackRead.com Read the original post: This malware hides behind free VPN, pirated security software keys...
DanaBot Malware Roars Back into Relevancy
Researchers are warning that a new fourth version of the DanaBot banking trojan has surfaced after months of mysteriously going quiet. The latest variant, still under analysis by researchers, is raising concerns given the number of past DanaBot effective campaigns. From May 2018 to June 2020,...
Brand-New SystemBC Proxy Malware Spotted Using SOCKS5 for Stealth
A previously undocumented proxy malware, dubbed “SystemBC,” is upping the stealth game by using SOCKS5 to evade detection. It’s being distributed by the Fallout and RIG exploit kits EKs, according to researchers. Proofpoint researchers said on Thursday that in the most recently tracked example, t...
DanaBot Adds Ransomware to its Arsenal
A new sample of the DanaBot trojan spotted in a recent campaign reveals that operators behind the malware have now included a ransomware component into its code, along with new string encryption and communications protocols. The update, wrote Check Point researchers on Thursday, represents a...
ThreatList: Ransomware Trojans Picking Up Steam in 2019
With the number of unique cyberincidents continuing to grow, ransomware-based attacks in particular are on the rise in 2019, researchers said. Ransomware trojan-based infections jutted up from 9 percent in the fourth quarter of 2018 to 24 percent in the first quarter of 2019, said Positive...
CB TAU Threat Intelligence Notification: Danabot Trojan Targets Financial Services Industry via Stolen Credentials
Summary Danabot is a banking trojan written in the Delphi programming language. Delivery methods are typically via phishing emails that contain malicious attachments, which further call out to download the main payload using PowerShell or VBScript. Danabot is modular in nature and has capabilitie...