Fake Antivirus App Spreads Android Malware to Spy on Russian Users

Doctor Web warns of Android.Backdoor.916.origin, a fake antivirus app that spies on Russian users by stealing data, streaming…...

YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users

YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. "What's intriguing about this malware is how much it collects," Kaspersky said in an analysis. "It grabs account information from VPN and...

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services. Russian cybersecurity company Kaspersky said the activity is part of a larger trend where...

Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network

The Keksec threat actor has been linked to a previously undocumented malware strain, which has been observed in the wild masquerading as an extension for Chromium-based web browsers to enslave compromised machines into a botnet. Called Cloud9 by security firm Zimperium, the malicious browser add-...

Experts Uncover 350 Browser Extension Variants Used in ABCsoup Adware Campaign

A malicious browser extension with 350 variants is masquerading as a Google Translate add-on as part of an adware campaign targeting Russian users of Google Chrome, Opera, and Mozilla Firefox browsers. Mobile security firm Zimperium dubbed the malware family ABCsoup, stating the "extensions are...

Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation

Microsoft on Monday published guidance for a newly discovered zero-day security flaw in its Office productivity suite that could be exploited to achieve code execution on affected systems. The weakness, now assigned the identifier CVE-2022-30190, is rated 7.8 out of 10 for severity on the CVSS...

Reddit: Domain Takeover of Reddit.ru via DNS Hijacking

Summary I discovered that Reddit.ru was vulnerable to DNS hijacking via DNS provider, Reg.ru. This would allow a malicious attacker to control the content on this domain, as well as, create email addresses associated with it... I'm going to be totally honest and say that any of us ethical hackers...

Scam Alert: You've Been Selected for 'Like of the Year 2020' Cash Prizes

Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users with promises of financial rewards to steal their payment card information. According to researchers at Group-IB, the multi-stage phishing attack exploited the credibility o...

Clop Ransomware

ARCHIVED STORY Clop Ransomware Alexandre Mundo · AUG 01, 2019 This new ransomware was discovered by Michael Gillespie on 8 February 2019 and it is still improving over time. This blog will explain the technical details and share information about how this new ransomware family is working. There a...

TAU Threat Intelligence Notification: Shade Ransomware

Summary Recently there is a new wave of malicious spam campaign distributing Shade ransomware via sending malicious JavaScript attachments. The spam campaign was mainly targeting users from Russia, and the ransom note was written in both Russian and English. This variant of Shade ransomware will...

Scarab ransomware: new variant changes tactics

The Scarab ransomware was discovered in June 2017. Since then, several variants have been created and discovered in the wild. The most popular or widespread versions were distributed via the Necurs botnet and initially written in Visual C compiled. However, after unpacking, we've found that anoth...

Apple Addresses New SMS Trojan in Malware Lists

Apple has made updates to its malware definitions to address yesterday’s news of a new OS X Trojan, SMSSend.3666, that was disguising itself as legitimate software and confounding Russian users. The Trojan, first blogged about by antivirus firm Dr. Web, tricked users into entering their cell phon...

new bugs in MyWebServer

Hi. Bugs founded in MyWebServer v.1.0.2. You can download it from www.mywebserver.org. 1. Buffer overflow in MWS Search Engine. Remote attacker can crash web-server and run shell-code by sending keyword with a large size. Xsploit:...