
99 matches found

The Hacker News
added 2026/06/24 3:59 p.m. · 7 views

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered

A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. "The main common goal was to disrupt the 'assembly lines' cybercriminals...

5.8 AI score
Exploits: 0

Microsoft Secure
added 2026/06/24 12:30 p.m. · 16 views

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-service for delivery of infostealers 4. Defending against StealC and Amadey intrusions 5. Microsoft Defender detections 6. Indicators of compromise Infostealers...

6.2 AI score
Exploits: 0

Talos Blog
added 2026/05/19 10:0 a.m. · 8 views

From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat

Cisco Talos has uncovered a BadIIS variant -- identifiable by its embedded "demo.pdb" strings -- that functions as commodity malware. This variant is likely sold or shared among multiple Chinese-speaking cybercrime groups that operate under a malware-as-a-service (MaaS) model for continuous...

5.9 AI score
Exploits: 0

Securelist
added 2026/02/19 11:0 a.m. · 10 views

Arkanix Stealer: a C++ & Python infostealer

Introduction In October 2025, we discovered a series of forum posts advertising a previously unknown stealer, dubbed "Arkanix Stealer" by its authors. It operated under a MaaS (malware-as-a-service) model, providing users not only with the implant but also with access to a control panel featuring...

6 AI score
Exploits: 0

Malwarebytes
added 2025/12/01 3:33 p.m. · 10 views

New Android malware lets criminals control your phone and drain your bank account

Albiriox is a new family of Android banking malware that gives attackers live remote control over infected phones, letting them quietly drain bank and crypto accounts during real sessions. Researchers have analyzed a new Android malware family called Albiriox which is showing signs of developing...

7.2 AI score
Exploits: 0

The Hacker News
added 2025/12/01 8:45 a.m. · 4 views

New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control

A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The malware embeds a hard-coded list comprising over 400...

6.7 AI score
Exploits: 0

Malwarebytes
added 2025/11/13 10:15 a.m. · 5 views

We opened a fake invoice and fell down a retro XWorm-shaped wormhole

Somebody forwarded an “invoice” email and asked me to check the attachment because it looked suspicious. Good instinct—it was, and what we found inside was a surprisingly old trick hiding a modern threat. What it does If the recipient had opened the attached Visual Basic Script .vbs file, it woul...

7.4 AI score
Exploits: 0

The Hacker News
added 2025/10/28 4:33 p.m. · 8 views

New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human

Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks. "Herodotus is designed to perform device takeover while making first attempts to mimic...

6.8 AI score
Exploits: 0

The Hacker News
added 2025/09/05 2:7 p.m. · 5 views

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. "Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executin...

7.1 AI score
Exploits: 0

The Hacker News
added 2025/08/07 6:26 p.m. · 8 views

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

The threat actors behind the SocGholish malware have been observed leveraging Traffic Distribution Systems (TDSs) like Parrot TDS and Keitaro TDS to filter and redirect unsuspecting users to sketchy content. "The core of their operation is a sophisticated Malware-as-a-Service (MaaS) model, where...

7.8 CVSS · 6.3 AI score · 0.05722 EPSS
Exploits: 0

The Hacker News
added 2025/06/19 5:23 p.m. · 13 views

New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft

Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on...

7.7 AI score
Exploits: 0

The Hacker News
added 2025/06/10 2:20 p.m. · 27 views

Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users

Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that's being propagated via fraudulent gaming websites. "Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing...

7.7 AI score
Exploits: 0

Malwarebytes
added 2025/05/22 12:17 p.m. · 6 views

Lumma information stealer infrastructure disrupted

The US Department of Justice (DOJ) and Microsoft have disrupted the infrastructure of the Lumma information stealer (infostealer). Lumma Stealer, also known as LummaC or LummaC2, first emerged in late 2022 and quickly established itself as one of the most prolific infostealers. Infostealers is the na...

7.6 AI score
Exploits: 0

Malwarebytes
added 2025/04/24 1:39 p.m. · 14 views

Android malware turns phones into malicious tap-to-pay machines

Got an Android phone? Got a tap-to-pay card? Then you're like millions of other users now at risk from a new form of cybercrime - malware that can read your credit or debit card and hand its data over to an attacker. A newly discovered malicious program effectively turns Android phones into...

7 AI score
Exploits: 0

Securelist
added 2025/04/21 12:0 p.m. · 36 views

Lumma Stealer – Tracking distribution channels

Introduction The evolution of Malware-as-a-Service (MaaS) has significantly lowered the barriers to entry for cybercriminals, with information stealers becoming one of the most commercially successful categories in this underground economy. Among these threats, Lumma Stealer has emerged as a...

7.6 AI score
Exploits: 0

Trellix
added 2025/04/21 12:0 a.m. · 10 views

A Deep Dive into the Latest Version of Lumma InfoStealer

Unmasking the Evolving Threat: A Deep Dive into the Latest Version of Lumma InfoStealer with Code Flow Obfuscation By Mohideen Abdul Khader · April 21, 2025 Summary Lumma Stealer, first identified in 2022, remains a significant threat to this day, continuously evolving its tactics, techniques, an...

6 AI score
Exploits: 0

Securelist
added 2025/03/11 10:0 a.m. · 8 views

DCRat backdoor returns

Since the beginning of the year, we've been tracking in our telemetry a new wave of DCRat distribution, with paid access to the backdoor provided under the Malware-as-a-Service (MaaS) model. The cybercriminal group behind it also offers support for the malware and infrastructure setup for hosting t...

7.7 AI score
Exploits: 0

Malwarebytes
added 2025/02/20 3:49 p.m. · 8 views

Google Docs used by infostealer ACRStealer as part of attack

An infostealer known as ACRStealer is using legitimate platforms like Google Docs and Steam as part of an attack, according to researchers. ACRStealer is often distributed via the tried and tested method of download as cracks and keygens, which are used in software piracy. The infostealer has bee...

7.4 AI score
Exploits: 0

The Hacker News
added 2025/01/09 1:40 p.m. · 7 views

New Banshee Stealer Variant Bypasses Antivirus with Apple's XProtect-Inspired Encryption

Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer. "Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple's XProtect," Check...

7.1 AI score
Exploits: 0

The Hacker News
added 2024/12/06 8:22 a.m. · 6 views

More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader

The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation. This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using...

8.4 AI score
Exploits: 0