MAL-2025-2461 Malicious code in dexter-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 004306bbcac485618bf220d12e4cf5870da6b06f07741f2efeb35b44ce3dd9da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dexter-monitor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 004306bbcac485618bf220d12e4cf5870da6b06f07741f2efeb35b44ce3dd9da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links

The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024. "The campaign, which leverages social media to distribute malware, is tied to the region's current geopolitical climate," Positive...

Malicious code in dexter-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af68f212ffdb2522ba261549728dc70fe8cb18c52beaed06290818706c688606 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2151 Malicious code in dexter-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af68f212ffdb2522ba261549728dc70fe8cb18c52beaed06290818706c688606 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dexter-angular-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6bf5598a2ab8cfa28dc285027cc8774d194d3b78d22da1d849cd6ef4d140d28 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10233 Malicious code in dexter-angular-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6bf5598a2ab8cfa28dc285027cc8774d194d3b78d22da1d849cd6ef4d140d28 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

dexter-app.com Cross Site Scripting vulnerability OBB-3363881

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lbcentre.com.au XSS vulnerability

Vulnerable URL: https://lbcentre.com.au/Dexter-Animal-Search.php?searchmembno==%27%22%3E%3Csvg%2Fonload%3Dconfirm%2FOPENBUGBOUNTY%2F%3E=======&searchbd1;=&searchbd2;======ASC=Search Details: Description| Value ---|--- Patched:| No Latest check for patch:| 12.01.2018 Vulnerability type:| XSS...

Dexter: Hidden Darkness - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Dexter: Hidden Darkness published at the 'play' market has multiple vulnerabilities...

Dexter (CasinoLoader) Panel - SQL Injection

No description provided by source. Exploit Title: Dexter CasinoLoader Panel SQLi Date: Feb, 13, 2014 Exploit Author: Brian Wallace @botnethunter Version: CasinoLoader Tested on: Windows 7, Ubuntu, Debian import pycurl import urllib import cStringIO import base64 import argparse import sys import...

Soraya Malware Packs Form Grabbing, Memory Scraping Functionality

Malware capable of infecting point-of-sale devices once was a novelty, but it’s quickly becoming more common. Researchers at Arbor Networks have unearthed a new strain of PoS malware called Soraya that can scrape memory and has the ability to intercept information sent from Web forms, a specialty...

Dexter, Project Hook Point of Sale Malware Still Prevalent

While the Target data breach may be in the rear view mirror, research this week shows it’s clear that many attackers are still using point of sale malware, namely Dexter and Project Hook, in active attacks. Researchers at Arbor Networks’ Security Engineering & Response Team ASERT looked at severa...

Dexter (CasinoLoader) Panel - SQL Injection Exploit

Exploit for multiple platform in category web applications import pycurl import urllib import cStringIO import base64 import argparse import sys import string import pygeoip version = "0.1-httpbots-PoC" def PrintHelp: global version print "usage: dexter.PoC.py -h action gateway url" print "" prin...

Dexter (CasinoLoader) - SQL Injection (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Dexter CasinoLoader SQL Injection", 'Description' = %q This module exploits a vulnerability found in the command and control panel us...

Dexter (CasinoLoader) Panel - SQL Injection

Exploit Title: Dexter CasinoLoader Panel SQLi Date: Feb, 13, 2014 Exploit Author: Brian Wallace @botnethunter Version: CasinoLoader Tested on: Windows 7, Ubuntu, Debian import pycurl import urllib import cStringIO import base64 import argparse import sys import string import pygeoip version =...

Dexter (CasinoLoader) SQL Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Dexter CasinoLoader SQL Injection", 'Description' = %q This module exploits a vulnerability found in the command and control panel us...

Dexter CasinoLoader SQL Injection Vulnerability

This Metasploit module exploits a vulnerability found in the command and control panel used to control Dexter Point of Sale malware. This is done by accessing the PHP page used by bots to report in gateway.php which does not sanitize input. Input is encrypted and encoded, but the key is supplied ...

Dexter CasinoLoader SQL Injection

Exploit Title: Dexter CasinoLoader Panel SQLi Date: Feb, 13, 2014 Exploit Author: Brian Wallace @botnethunter Version: CasinoLoader Tested on: Windows 7, Ubuntu, Debian import pycurl import urllib import cStringIO import base64 import argparse import sys import string import pygeoip version =...

New Dexter Point-of-Sale Malware Campaigns Discovered

The pesky Dexter point-of-sale malware, discovered more than a year ago, remains active primarily in Russia, the Middle East and Southeast Asia, while its cousin Project Hook is finding similar success in the United States, prompting experts to sound an alarm as holiday commerce ramps up...