Collaborate Disseminate
Intezer announced the inception of its Endpoint Analysis solution, adding to the company’s Genetic Malware Analysis offerings. Located within the Intezer Analyze platform, the Endpoint Analysis solution consists of a zero-installation scanner tha… Continue reading Intezer unveils its Endpoint Analysis solution as an addition to Intezer Analyze platform
This is the first evidence of the China-linked threat actor’s activity since hacked the U.K. government and military in 2017 (which wasn’t made public until 2018). Continue reading APT15 Pokes Its Head Out With Upgraded MirageFox RAT
A sophisticated Chinese cybercrime group is using old, leaked computer code from a notorious cyber-arms dealer known as HackingTeam to breach thousands of companies, mostly based in Asia, according to new research by Israel cybersecurity firm Intezer. The latest observation shows how HackingTeam’s breach in 2015, when its wares leaked online for anyone to copy, is still having effects on global security. HackingTeam claims that it only sells its “lawful intercept” product to governments and law enforcement agencies, but prior investigations have shown the extent to which these tools are often abused by authoritarian regimes to target otherwise innocent dissidents. The 2015 leak provided these powerful capabilities to a wide array of people, including apparently cybercriminals. Intezer explained in a blog post published Tuesday that researchers first noticed a series of unique remote access trojans, cryptominers and ransomware variants for Windows, Linux and Android platforms while monitoring public data feeds. In addition, the group appears […]
The post Chinese group said to use HackingTeam tools to spread ransomware, cryptominers appeared first on Cyberscoop.
Continue reading Chinese group said to use HackingTeam tools to spread ransomware, cryptominers
A clever spearphishing campaign linked to North Korea has been taking advantage of a surge in public interest surrounding cryptocurrencies, like Bitcoin, in order to spread malware to people interested or involved in the budding industry, according new research from at least three different cybersecurity firms. The campaign appears to be carried out by a hacking group known as the “Lazarus Group,” which researchers have linked to North Korea in previous attacks, such as the 2014 Sony breach, an $81 million Bangladesh cyber heist in 2016 and the WannaCry worldwide ransomware attack in May. This scam focuses on convincing victims to download a Microsoft Word document that masquerades as a job posting for a position at a British cryptocurrency company. Once downloaded, the document prompts the user to “enable editing” and “enable content functions.” If the victim enables the prompt, a macro installs a backdoor that allows the attackers to install […]
The post North Korean hackers are impersonating a cryptocurrency company to target Bitcoin fans appeared first on Cyberscoop.