11 matches found
Malicious ISO File Used in Romance Scam Targeting German Speakers
Sublime Security reveals a cunning romance/adult-themed scam targeting German speakers, leveraging Keitaro TDS to deliver an AutoIT-based malware loader. Learn how this sophisticated campaign operates, its deceptive tactics, and the hidden payload...
Cyber Threats in Costume: When Attacks Hide Behind a Mask
Introduction As Halloween approaches, the idea of costumes and disguises takes center stage, but the spirit of deception isn’t limited to one night. In the digital world, cyberattacks can also wear masks, concealing their true intentions to slip past defenses. Just as a costume can obscure who’s...
Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2
Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...
Python’s Poisoned Package: Another ‘Blank Grabber’ Malware in PyPI
Python Package Index PyPI is a platform that offers an extensive range of packages to simplify and enhance the development process. Malicious actors regularly upload phishing packages in the platform’s repository aimed at delivering malware to steal the victims information, or more frequently, to...
Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
The threat actor known as Arid Viper aka APT-C-23, Desert Falcon, or TAG-63 has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. "Arid Viper's Android malware has a number of featur...
Unveiling the Minas Miner’s Deceptive Tactics
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Minas is a multi-stage cryptocurrency miner with a concealed presence. It evades detection through encryption, randomization, and persistence techniques, showcasing determined network compromise. To...
New Android Malware 'FluHorse' Targeting East Asian Markets with Deceptive Tactics
Various sectors in East Asian markets have been subjected to a new email phishing campaign that distributes a previously undocumented strain of Android malware called FluHorse that abuses the Flutter software development framework. "The malware features several malicious Android applications that...
Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies
A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte,...
Google Location Tracking Lambasted in Arizona Lawsuit
Google has been hit by a lawsuit alleging that it violates user privacy by collecting location data via various means – and claiming that Google makes it nearly “impossible” for users to opt out of such data tracking. The lawsuit, filed by Arizona Attorney General Mark Brnovich, alleges that Goog...
Stripchat bot spells block
Here at Malwarebytes, we spent a lot of time and effort scouring the Internet looking for malicious websites that we can protect our users from. Sometimes, these websites are pushing malware or some kind of scam. Other times it comes down to bad advertising practices that are used to fool the use...
Fake iPhone Camera+ App Allowed in App Store
A fake version of the popular Camera+ iPhone application was offered on Apple’s App Store over the weekend, according to a post by Glyn Evans on the iPhoneography blog on Saturday, just the latest example of suspicious and malicious applications to slip through Apple’s shadowy application vetting...