31 matches found
Russian hacking group targets home and small office routers to spy on users
British security officials found that a group linked to the Russian military is spying on users of compromised Small Office/Home Office SOHO routers in a broad cyber espionage campaign. A Microsoft blog goes into the technical details of these attacks. The group, which we’ll refer to as APT28, bu...
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in a new report shar...
Amazon: Russian GRU hackers favor misconfigured devices over vulnerabilities
Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities...
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine
Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. "The file names use Russian words related to the movement of troops in Ukraine as a lure," Cisco Talos researcher Guilherme Venere said in a report published last...
Who Stole 3.6M Tax Records from South Carolina?
For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the states revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a...
Why Malware Crypting Services Deserve More Scrutiny
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or "crypt" your malware so that it appears benign to antivirus and security products. In fact, the process of "crypting" malware is sufficiently...
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails
The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The agency attributed the phishing campaign to APT28, which is also known by the names Fancy Bear, Forest Blizzard,...
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. "The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting...
Experts Sound Alarm on DCRat Backdoor Being Sold on Russian Hacking Forums
Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat aka DarkCrystal RAT that's offered on sale for "dirt cheap" prices, making it accessible to professional cybercriminal groups and novice actors alike. "Unlike the well-funded, massive Russian...
WatchGuard Didn't Explicitly Disclose a Flaw Exploited by Hackers
The security vendor kept a critical vulnerability in its firewall appliances quiet even as it was under attack from a Russian hacking group...
BlackGuard Password Stealing Malware Being Sold on Russian Hacking Forums
By Deeba Ahmed Zscaler ThreatLabz researchers have discovered sophisticated new info stealing malware available as malware-as-a-service on Russian hacking forums. In… This is a post from HackRead.com Read the original post: BlackGuard Password Stealing Malware Being Sold on Russian Hacking Forums...
Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums
A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. "BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP...
New BloodyStealer malware steals data from gamers on EA, Epic, Steam
By Waqas The BloodyStealer malware is sold on Russian hacking forums while its capabilities include stealing gaming logs, login credentials, and much more. This is a post from HackRead.com Read the original post: New BloodyStealer malware steals data from gamers on EA, Epic, Steam...
Notorious Hacker 'Fxmsp' Outed After Widespread Access-Dealing
“Fxmsp,” a notorious hacker who made headlines last year for allegedly stealing and selling source code and customer access from McAfee, Symantec and Trend Micro, has been outed. He’s a Kazakh national named Andrey Turchin, and according to unsealed court documents, he faces hacking charges datin...
Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics
As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers. Microsoft has issued a short notice, warning about a new wave of highly targeted cyberattacks by a group o...
Say hello to Baldr, a new stealer on the market
By William Tsing, Vasilios Hioureas, and Jérôme Segura Over the past few months, we have noticed increased activity and development of new stealers. Unlike many banking Trojans that wait for the victim to log into their bank's website, stealers typically operate in grab-and-go mode. This means th...
Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison
A Russian court has handed down lengthy prison terms for two men convicted on treason charges for allegedly sharing information about Russian cybercriminals with U.S. law enforcement officials. The men -- a former Russian cyber intelligence official and an executive at Russian security firm...
A NASA Hack, a PewDiePie Fan, and More Security News
Amazon sends Echo recordings to the wrong person, Russians tried to get US Treasury dirt on Clinton donors, and more of the week's top security news...
A week in security (October 22 – 28)
Last week on Malwarebytes Labs, we took a look at some new Mac malware, gave you a roundup of 2018 exploit kits, and dispensed some advice on sextortion scams. We also looked at the Cathay Pacific breach, groaned at the revival of an old browser trick, and explained how voting machines and...
NSA Leaker 'Reality Winner' Gets More Than 5 Years in Prison
A former NSA contractor, who pleaded guilty to leaking a classified report on Russian hacking of the 2016 U.S. presidential election to an online news outlet last year, has been sentenced to five years and three months in prison. Reality Winner, a 26-year-old Georgia woman who held a top-secret...