Lucene search
K

19 matches found

Malwarebytes
Malwarebytes
added 2026/05/26 1:7 p.m.14 views

Fake software on GitHub and SourceForge distribute Deno RAT

During our threat hunting activities, we found fake installers and plugins impersonating popular software including ChatGPT, Claude, AutoTune, and Kontakt on GitHub and SourceForge distributing a Deno backdoor known as DinDoor. Attackers are using compromised YouTube channels to distribute links ...

6AI score
Exploits0
HackRead
HackRead
added 2026/04/07 5:56 p.m.3 views

Hackers Pose as Non-Profit Developers to Deploy Monero Mining Malware

REF1695 hackers spread Monero mining malware via fake non-profit installers, using stealth tactics to evade detection and hijack systems for profit...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/06 11:11 a.m.9 views

Beware of fake OpenClaw installers, even if Bing points you to GitHub

Attackers are abusing OpenClaw’s popularity by seeding fake “installers” on GitHub, boosted by Bing AI search results, to deliver infostealers and proxy malware instead of the AI assistant users were looking for. OpenClaw is an open‑source, self‑hosted AI agent that runs locally on your machine...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/20 4:6 a.m.15 views

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

Threat actors are leveraging bogus installers masquerading as popular software to trick users into installing malware as part of a global malvertising campaign dubbed TamperedChef. The end goal of the attacks is to establish persistence and deliver JavaScript malware that facilitates remote acces...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/10 2:25 p.m.3 views

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application SEA feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source...

7.3AI score
Exploits0
HackRead
HackRead
added 2025/10/09 9:47 a.m.5 views

Fake Teams Installers Dropping Oyster Backdoor (aka Broomstick)

Hackers are using fake Microsoft Teams installers found in search results and ads to deploy the Oyster backdoor. Learn how to protect your PC from this remote-access threat...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/05/22 12:0 p.m.40 views

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Co-authored byAnna Širokova and Ivan Feigl Executive summary Rapid7 has been tracking a malware campaign that uses fake software installers disguised as popular apps like VPN and QQBrowser—to deliver Winos v4.0, a hard-to-detect malware that runs entirely in memory and gives attackers remote...

7.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/01/10 12:0 a.m.3 views

How Cracks and Installers Bring Malware to Your Device

Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data...

7.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/01/10 12:0 a.m.5 views

Trend Micro™ Managed XDR Analysis of Infection From Fake Installers and Cracks

Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data...

7.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/01/10 12:0 a.m.7 views

Trend Micro Managed XDR Analysis of Infection From Fake Installers and Cracks

Our research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data...

7.2AI score
Exploits0
hivepro
hivepro
added 2024/04/12 12:23 p.m.19 views

Malvertising Campaign Unleashes Nitrogen Malware Via Fake Installers

...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/16 1:42 p.m.3 views

Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps

Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines. The attacks involve purchasing ad slots to appear in Google search results and direct users looking for popular...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2021/12/16 6:36 p.m.18 views

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

Researchers have tracked new spyware – dubbed “PseudoManuscrypt” because it’s similar to “Manuscrypt” malware from the Lazarus advanced persistent threat APT group – that’s attempted to scribble itself across more than 35,000 targeted computers in 195 countries. Kaspersky researchers said in a...

8AI score
Exploits0References17
HackRead
HackRead
added 2021/12/04 5:13 p.m.17 views

Malvertising attack distributes malicious Chrome extensions, backdoors

By Waqas Researchers believe that the campaign has been active since 2018, and since then, the malware has been under development constantly. Cisco Talos researchers have identified malvertising campaigns using fake installers of popular games and applications, such as WeChat, Viber, Battlefield,...

3.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/09/27 12:0 a.m.18 views

Fake Installers Drop Malware and Open Doors for Opportunistic Attackers

We recently spotted fake installers of popular software being used to deliver bundles of malware onto victims’ devices. These installers are widely used lures that trick users into opening malicious documents or installing unwanted applications...

4AI score
Exploits0
ThreatPost
ThreatPost
added 2018/08/13 8:10 p.m.8 views

New Variant of KeyPass Ransomware Discovered

A new variant of the KeyPass ransomware has been gaining traction in August and is using new techniques like manual control to customize its encryption process, researchers said Monday. Researchers at Kaspersky Lab who posted about the trojan said that it is being propagated by means of fake...

0.2AI score
Exploits0References3
Securelist
Securelist
added 2018/08/13 12:21 p.m.59 views

KeyPass ransomware

In the last few days, our anti-ransomware module has been detecting a new variant of malware - KeyPass ransomware. Others in the security community have also noticed that this ransomware began to actively spread in August: Notification from MalwareHunterTeam Distribution model According to our...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/01/22 5:23 p.m.12 views

Infected Site Spreading SMS Android Malware

The website of a popular watch retailer is reportedly redirecting users that visit the site on Android-based devices to a number of malicious domains serving up premium rate SMS malware. According to a WebRoot report, users that visit the unnamed watch-selling website in Bulgaria are redirected t...

1.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/02/16 6:48 p.m.40 views

Mobile, Android Threats Continued Sharp Growth in 2011

The occurrence of mobile malware increased by 155 percent across all platforms in 2011, and, according to Juniper Network’s 2011 Mobile Threat Report, malware specifically targeting the Android operating system saw its own increase of more than 3,000 percent. Juniper Networks attributes Android’s...

0.2AI score
Exploits0References3
Rows per page
Query Builder