Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2026/03/13 1:38 p.m.9 views

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network VPN clients distributed through search engine optimization SEO poisoning techniques. "The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/12 5:0 p.m.7 views

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

In this article 1. From search to stolen credentials: Storm-2561 attack chain 2. Defending against credential theft campaigns 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise In mid-January 2026, Microsoft Defender Experts identified a credential theft campaign tha...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/13 7:19 a.m.6 views

A week in security (October 6 – October 12)

Last week on Malwarebytes Labs: Apple voices concerns over age-check law that could put user privacy at risk Your passwords don’t need so many fiddly characters, NIST says Millions of very private chats exposed by two AI companion apps Fake VPN and streaming app drops malware that drains your ban...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/06 8:0 p.m.10 views

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications. These apps masquerade as VPNs, device "monitoring" apps, RAM cleaners...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/25 7:36 a.m.31 views

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first detected by Rapid7 in February 2025, involves the use of a multi-stage, memory-resident...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/03 9:20 a.m.2 views

Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service

A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and...

6.9AI score
Exploits0
HackRead
HackRead
added 2022/11/24 5:28 p.m.23 views

Bahamut Using Fake VPN Apps to Steal Android User Credentials

By Deeba Ahmed Researchers believe that the attack is ongoing, in which hackers are using malicious versions of SoftVPN, SecureVPN, and OpenVPN software. This is a post from HackRead.com Read the original post: Bahamut Using Fake VPN Apps to Steal Android User Credentials...

2.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/24 10:55 a.m.37 views

Bahamut Cyber Espionage Hackers Targeting Android Users with Fake VPN Apps

The cyber espionage group known as Bahamut has been attributed as behind a highly targeted campaign that infects users of Android devices with malicious apps designed to extract sensitive information. The activity, which has been active since January 2022, entails distributing rogue VPN apps...

0.7AI score
Exploits0
Rows per page
Query Builder