Lucene search
K

39 matches found

thn
thn
added 2023/07/13 4:7 p.m.50 views

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023,...

6.7AI score
Exploits0
thn
thn
added 2023/05/29 12:15 p.m.2 views

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

A crypter alternatively spelled cryptor malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per...

7.1AI score
Exploits0
thn
thn
added 2023/05/29 12:15 p.m.54 views

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

A crypter alternatively spelled cryptor malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per...

7.2AI score
Exploits0
thn
thn
added 2023/05/08 6:10 a.m.36 views

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine CERT-UA. The emails, per the agency, are sent using compromised accounts and come with a ZIP...

7.3AI score
Exploits0
thn
thn
added 2023/05/08 6:10 a.m.4 views

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine CERT-UA. The emails, per the agency, are sent using compromised accounts and come with a ZIP...

7.2AI score
Exploits0
hivepro
hivepro
added 2022/12/30 1:33 p.m.17 views

Trading platforms are in jeopardy due to ArkeiStealer

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Threat actors are currently disseminating ArkeiStealer via Windows Installer binaries disguised as trading applications. The trading application has been backdoored with the SmokeLoader downloader, which...

4.1AI score
Exploits0
thn
thn
added 2022/12/13 9:8 a.m.22 views

Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware

Cybersecurity researchers have published the inner workings of a new wiper called Azov Ransomware that's deliberately designed to corrupt data and "inflict impeccable damage" to compromised systems. Distributed through another malware loader known as SmokeLoader, the malware has been described as...

1.2AI score
Exploits0
thn
thn
added 2022/11/08 1:40 p.m.16 views

New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader

Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts as a conduit for other commodity trojans like...

0.5AI score
Exploits0
thn
thn
added 2022/07/26 7:18 a.m.49 views

SmokeLoader Infecting Targeted Systems with Amadey Info-Stealing Malware

An information-stealing malware called Amadey is being distributed by means of another backdoor called SmokeLoader. The attacks hinge on tricking users into downloading SmokeLoader that masquerades as software cracks, paving the way for the deployment of Amadey, researchers from the AhnLab Securi...

0.4AI score
Exploits0
hackread
hackread
added 2022/02/20 6:30 p.m.15 views

Kraken botnet bypass Windows Defender to steal crypto wallet data

By Deeba Ahmed Kraken botnet utilizes SmokeLoader malware, and its operators have already been raking in around $3,000 per month. ZeroFox… This is a post from HackRead.com Read the original post: Kraken botnet bypass Windows Defender to steal crypto wallet data...

4.3AI score
Exploits0
threatpost
threatpost
added 2022/02/17 5:28 p.m.58 views

Baby Golang-Based Botnet Already Pulling in $3K/Month for Operators

There’s a new, still-under-development, Golang-based botnet called Kraken with a level of brawn that belies its youth: It’s using the SmokeLoader malware loader to spread like wildfire and is already raking in a tidy USD $3,000/month for its operators, researchers report. Though its name may soun...

9AI score
Exploits0References9
thn
thn
added 2022/02/17 8:16 a.m.26 views

Researchers Warn of a New Golang-based Botnet Under Continuous Development

Cybersecurity researchers have unpacked a nascent Golang-based botnet called Kraken that's under active development and features an array of backdoor capabilities to siphon sensitive information from compromised Windows hosts. "Kraken already features the ability to download and execute secondary...

1.1AI score
Exploits0
threatpost
threatpost
added 2021/11/29 4:37 p.m.34 views

Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers

An APT has attacked two separate vaccine manufacturers this year using a shape-shifting malware that appears at first to be a ransomware attack but later shows to be far more sophisticated, researchers have found. Dubbed Tardigrade by the Bioeconomy ​​Information Sharing and Analysis Center...

7.1AI score
Exploits0References12
thn
thn
added 2021/11/26 1:20 p.m.49 views

Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware

An advanced persistent threat APT has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called "Tardigrade." That's according to an advisory published by Bioeconomy Information Sharing and Analysis Center BIO-ISAC this...

6.8AI score
Exploits0
talosblog
talosblog
added 2020/09/03 11:0 a.m.14 views

Threat Source newsletter for Sept. 3, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We recently uncovered a series of email campaigns utilizing links to malicious documents hosted on legitimate file-sharing platforms to spread malware. The campaigns distributed various malware payloads including Gozi ISFB, ZLoade...

2.2AI score
Exploits0
talosblog
talosblog
added 2020/09/03 8:6 a.m.17 views

Salfram: Robbing the place without removing your name tag

By Holger Unterbrink and Edmund Brumaghin. Threat summary Cisco Talos recently uncovered a series of email campaigns utilizing links to malicious documents hosted on legitimate file-sharing platforms to spread malware.The campaigns distributed various malware payloads including Gozi ISFB, ZLoader...

1.5AI score
Exploits0
talosblog
talosblog
added 2020/01/31 12:51 p.m.442 views

Threat Roundup for January 24 to January 31

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 24 and Jan. 31. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

10CVSS10AI score0.99999EPSS
Exploits123
threatpost
threatpost
added 2019/07/25 7:24 p.m.154 views

New Loader Variant Behind Widespread Malware Attacks

Behind a recent wave of cyberattacks, pelting PCs with FormBook, LokiBot, SmokeLoader malware, is an updated version of a malware-loading technique called TxHollower. It is described as a new “significant threat”, according to researchers, who added, attacks using TxHollower have “spread like...

0.5AI score
Exploits0References3
talosblog
talosblog
added 2018/10/12 11:18 a.m.27 views

Threat Roundup for October 5 to October 12

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Oct. 5 and 12. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...

0.3AI score
Exploits0
Rows per page
Query Builder