323 matches found
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that's being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024. Some of the notable malware families...
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C, which we are referring to as "PS1Bot." PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious...
Malicious code in css-keylogger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d7d5c0eac76577da5186e985efd72018e773d9ada891e44852188b9e5cd8632 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5683 Malicious code in css-keylogger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d7d5c0eac76577da5186e985efd72018e773d9ada891e44852188b9e5cd8632 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Pulsegram - Integrated Keylogger With Telegram
PulseGram is a keylogger integrated with a Telegram bot. It is a monitoring tool that captures keystrokes, clipboard content, and screenshots, sending all the information to a configured Telegram bot. It is designed for use in adversary simulations and security testing contexts. ⚠️ Warning: This...
A week in security (April 7 – April 13)
Last week on Malwarebytes Labs: The Pall Mall Pact and why it matters Child predators are lurking on dating apps, warns report Your 23andMe genetic data could be bought by China, senator warns WhatsApp for Windows vulnerable to attacks. Update now! Man accused of using keylogger to spy on...
Moukthar - Android Remote Administration Tool
Remote adminitration tool for android Features Permissions bypass android 12 below https://youtube.com/shorts/-w8H0lkFxb0 Keylogger https://youtube.com/shorts/Ll9dNrkjFOA Notifications listener SMS listener Phone call recording Image capturing and screenshots Video recording Persistence Read &...
Man accused of using keylogger to spy on colleagues, log in to their personal accounts and watch them at home
When you next type something sensitive on your computer keyboard, be sure that no-one else is watching. A recent case of alleged cyber-voyeurism shows how important it is to secure your computer against unwanted eavesdroppers using malwareware. In a class action lawsuit, six women have accused...
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection
A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked infection attempts worldwide since the start of...
Snake Keylogger Variant Hits Windows, Steals Data via Telegram Bots
The New Snake Keylogger variant targets Windows users via phishing emails, using AutoIt for stealth. Learn how it…...
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center ASEC. The attacks commence with phishing emails...
New TorNet Backdoor Exploits TOR Network in Advanced Phishing Attack
Advanced phishing campaign targets Poland and Germany, delivering Agent Tesla, Snake Keylogger and newly identified TorNet backdoor via…...
Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers hid malicious code in images they uploaded to archive.org, a file-hosting website, and used the same...
Metasploit Weekly Wrap-Up 12/06/2024
Post-Thanksgiving Big Release This week's release is an impressive one. It adds 9 new modules, which will get you remote code execution on products such as Ivanti Connect Secure, VMware vCenter Server, Asterisk, Fortinet FortiManager and Acronis Cyber Protect. It also includes an account takeover...
MAL-2024-12309 Malicious code in my-service-manager (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 58c8e4c726cef11c6d7d60916210f532060a6ff7a98bb7fea5872eb10335dd5d While the package appears to be a manager for Windows service, the linked executable is an infostealer with capabilities like cookie stealing ang keylogger. Th...
Unwrapping the emerging Interlock ransomware attack
Cisco Talos Incident Response Talos IR recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware. Our analysis uncovered that the attacker used multiple components in the delivery chain including a Remote Access Tool RAT...
N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks
Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet formerly Thallium, Sparkling Pisces,...
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea. "Keylogger, Infostealer, and proxy tools on top of the backdo...
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks
An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East. Russian cybersecurity firm Positive Technologies said it identified over 30 victims spanning government agencies, bank...
Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560fB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Panel.SmokeLoader Vulnerability: Cross Site Request Forgery CSRF - Persistent XSS Family:...