6 matches found
Newly identified RA Group compromises companies in U.S. and South Korea with leaked Babuk source code
Cisco Talos recently discovered a new ransomware actor called RA Group that has been operating since at least April 22, 2023. The actor is swiftly expanding its operations. To date, the group has compromised three organizations in the U.S. and one in South Korea across several business verticals,...
Attacker builds malware variant with leaked Mirai source code
By Sudais Asif The source code of Mirai was leaked in September 2016, on the hacking community Hackforums. This is a post from HackRead.com Read the original post: Attacker builds malware variant with leaked Mirai source code...
Unique Malspam Campaign Uses MS Publisher to Drop a RAT on Banks
UPDATE A malspam campaign targeting a slew of banks is turning researchers’ heads with its unusual use of a Microsoft Office Publisher file to infect victims’ systems with a well-known backdoor. Researchers with Trustwave said that they have seen a spate of emails with a Microsoft Office Publishe...
Revamped Nukebot Malware Changes Targets, Adds Functions
A revamped version of the Nukebot banking trojan dubbed Jimmy Nukebot has shifted focus from stealing bankcard data and now acts as a conduit for quietly downloading malicious payloads for web-injects, cryptocurrency mining, and taking screenshots of targeted systems. The code is a modification o...
Threat Round-up for Aug 11 - Aug 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between August 11 and August 18. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior...
Carberp Web Panel C2 Backdoor Remote PHP Code Execution
This module exploits backdoors that can be found all over the leaked source code of the Carberp botnet C2 Web Panel. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Carberp Web Panel C2 Backdoo...