Lucene search
K

17 matches found

The Hacker News
The Hacker News
added 2025/11/06 3:31 p.m.7 views

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense , describing it as...

8.8CVSS7.4AI score0.80906EPSS
Exploits35
The Hacker News
The Hacker News
added 2025/09/15 5:47 a.m.4 views

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are the target of a search engine optimization SEO poisoning campaign that uses fake software sites to distribute malware. "The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites," Fortinet...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/19 9:35 a.m.7 views

Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detect...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/01 12:44 p.m.32 views

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/06/27 6:1 p.m.6 views

Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

The following Rapid7 analysts contributed to this research: Leo Gutierrez, Tyler McGraw, Sarah Lee, and Thomas Elkins. Executive Summary On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Our investigation identified that the...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/21 9:51 a.m.27 views

Oyster Backdoor Spreading via Trojanized Popular Software Downloads

A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster aka Broomstick and CleanUpLoader. That's according to findings from Rapid7, which identified lookalike websites hosting the malicious payload...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/23 5:3 p.m.11 views

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure follow an established pattern regardless of the file-encrypting malware deployed, new findings show. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations an...

7.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/05/13 7:17 p.m.48 views

Ongoing Malvertising Campaign leads to Ransomware

Executive Summary Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains. In at least one observed case, the infection has led to the attempted...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/29 12:15 p.m.53 views

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

A crypter alternatively spelled cryptor malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/30 6:31 a.m.42 views

3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/30 6:31 a.m.2 views

3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream...

6.1AI score
Exploits0
hivepro
hivepro
added 2023/03/15 12:45 p.m.14 views

Tick Launches Attack on East Asian Data-Loss Prevention Software Company

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Tick, an APT group, attacked an East Asian data-loss prevention software company, compromising update servers and distributing malware, using trojanized installers, to access computers of government and...

4.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/15 9:23 a.m.38 views

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss prevention DLP company that caters to government and military entities. "The attackers compromised the DLP company's internal update servers to deliver malware inside the...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/15 9:23 a.m.2 views

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss prevention DLP company that caters to government and military entities. "The attackers compromised the DLP company's internal update servers to deliver malware inside the...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/16 1:42 p.m.44 views

Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps

Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines. The attacks involve purchasing ad slots to appear in Google search results and direct users looking for popular...

7.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/12/14 12:0 a.m.9 views

Probing Weaponized Chat Applications Abused in Supply-Chain Attacks

This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged trojanized installers of chat-based customer engagement platforms...

2.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/17 10:28 a.m.5 views

Software Supply-Chain Attack Hits Vietnam Government Certification Authority

Cybersecurity researchers today disclosed a new supply-chain attack targeting the Vietnam Government Certification Authority VGCA that compromised the agency's digital signature toolkit to install a backdoor on victim systems. Uncovered by Slovak internet security company ESET early this month, t...

6AI score
Exploits0
Rows per page
Query Builder