trojan
-
A vulnerability was found in Sendmail 7.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper privilege management (Trojan Horse). This vulnerability is known as CVE-1999-0661. The attack can be launched remotely. Furthermore, there is an exploit available. Due to its background and reception, this…
-
arXiv:2412.15503v1. Abstract: Hateful meme detection aims to prevent the proliferation of hateful memes on various social media platforms. Considering its impact on social environments, this paper introduces a previously ignored but significant threat to hateful meme detection: backdoor attacks. By injecting specific triggers into meme samples, backdoor attackers can manipulate the detector…
-
McAfee Labs has revealed the discovery of a new Android banking trojan targeting Indian users, exploiting the country’s dependence on utility and banking apps to steal sensitive financial information. This sophisticated malware, detected as Android/Banker, has already infected 419 devices, intercepted 4,918 SMS messages, and stolen 623 entries of card and bank-related information, with numbers…
-
zLabs has uncovered AppLite, a sophisticated new variant of the AntiDot banking trojan, targeting Android devices through a wide-reaching phishing campaign. This malware, disguised as legitimate apps like Chrome, TikTok, and corporate tools, is capable of stealing sensitive credentials and taking full control of infected devices.
-
Zloader, the modular Trojan with roots in the infamous Zeus malware, has once again evolved, presenting a new and sophisticated challenge to cybersecurity professionals. ThreatLabz, the security research team at Zscaler, has uncovered a fresh iteration of Zloader (version 2.9.4.0), which introduces a custom DNS tunneling protocol for command-and-control (C2) communications.
-
MalBot, December 10, 2024, 10:00pm: Banking trojan gives attackers access to corporate credentials, apps, and data when employees run remote access sessions on their Androids.
-
The Ursnif banking Trojan, one of the most notorious forms of malware targeting financial data, has been observed in a sophisticated campaign using advanced techniques to avoid detection and steal sensitive information.
-
Key takeaways: Cyble Research and Intelligence Labs (CRIL) has identified a malicious campaign likely targeting business professionals across the United States. The campaign employs a malicious LNK file, masquerading as a PDF with encoded data. This file is decoded by leveraging certutil.exe, which then delivers the next-stage payload: an HTA file. The HTML Application (HTA)…
-
The North Korean threat group Lazarus was observed attempting to smuggle code using custom extended file attributes via a new macOS trojan called “RustyAttr.”
-
Cybercriminals are always looking for new ways to bypass security defenses, and the latest tactic, as reported by Perception Point, involves using ZIP concatenation to deliver Trojan malware to Windows users. This technique leverages the ZIP file format’s flexibility, allowing attackers to embed malicious payloads in ways that evade detection methods.
-
Windows PCs have been subjected to intrusions involving the newly discovered SteelFox malware bundle dropper package that impersonates activators for widely used software, including JetBrains, AutoCAD, and Foxit PDF Editor, and exploits a vulnerable driver to facilitate cryptomining and data exfiltration activities, reports BleepingComputer.
-
Cybersecurity researchers at Kaspersky Labs uncovered a dangerous new trojan named “SteelFox,” which has been affecting users worldwide by masquerading as popular software activators. The sophisticated crimeware combines data-stealing capabilities with cryptocurrency mining functions.
-
Introduction: In August 2024, our team identified a new crimeware bundle, which we named “SteelFox”. Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows services and drivers. It spreads via forum posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. It also uses stealer malware to extract the…
-
In a new report, Cleafy’s Threat Intelligence team has detailed the emergence of a banking trojan known as ToxicPanda, a sophisticated Android malware that has quickly gained prominence by targeting financial institutions across Europe and Latin America. With over 1,500 infected devices already identified, ToxicPanda’s strategic approach and operational focus signal a notable shift in…
-
ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy
-
The QiAnXin Threat Intelligence Center recently reported the discovery of a new Trojan, dubbed “MiyaRat,” developed by the Bitter Group (APT-Q-37). This threat actor, known for targeting South Asian entities, continues its campaign with tactics aimed at bypassing detection through diverse attack methods and tools. As QiAnXin analysts explain, “The tactics of these groups have…
-
MalBot, October 31, 2024, 3:20pm: Malicious sites have been leveraged to redirect to a CAPTCHA, with clicking the “I’m not a robot” button followed by the copying and execution of malicious code prompting the distribution of the Lumma infostealer.
-
Much of the new obfuscation is the result of hiding malicious code in a dynamically decrypted and loaded .dex file of the apps. As a result, Zimperium initially believed the malicious apps they were analyzing were part of a previously unknown malware family. Then the researchers dumped the .dex file from an infected device’s memory…
-
In a recent report, 360 Security Center revealed a new threat to Brazilian banking customers with the emergence of SolarSys, a Trojan framework designed to steal sensitive data while evading detection. The framework is active primarily in Brazil, a known hotspot for banking Trojans, and uses sophisticated evasion techniques and varied attack modules to compromise…