HawkEye Attack Wave Sends Stolen Data to Another Keylogger Provider

A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider’s website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn’t unique…

Malspam Campaigns Distribute HawkEye Keylogger Post Ownership Change

After the HawkEye malware kit underwent an ownership change and new development, researchers are spotting the keylogger used in several malicious email campaigns.

Popular Video Editing Software Website Hacked to Spread Banking Trojan

If you downloaded the VSDC multimedia editing software between late February and late March this year, there is a high chance that your computer has been infected with a banking trojan and an information stealer.

The official website of the VSDC s…

[SANS ISC] Simple Powershell Keyloggers are Back

I published the following diary on isc.sans.edu: “Simple Powershell Keyloggers are Back”: Powershell is a very nice language in Windows environments. With only a few lines of code, we can implement nice features… for the good or the bad! While hunting, I found a bunch of malicious Powershell scripts that

[The post [SANS ISC] Simple Powershell Keyloggers are Back has been first published on /dev/random]


Severe flaws in password managers let hackers extract clear-text passwords

By Waqas
Password managers aren’t as secure as you might assume – Security researchers claim that hackers can steal master passwords in PC memory. Password managers are considered one of the most suitable options when it comes to keeping your …

Malicious apps deploy Anubis banking trojan using motion detection

By Waqas
Google has left no stone unturned in preventing malware and banking trojans from invading the applications uploaded on its official Play Store. Despite having anti-malware protection, shady applications somehow make it to the platform. In fact,…

Report: Zoho’s domain regularly exploited to move keylogger data

After a messy domain takedown last week in response to phishing complaints, new research suggests that an Indian IT company’s domain is being exploited to exfiltrate the bulk of keylogger data collected by malicious programs. Zoho, an Indian company that provides office tools and IT management platforms, had its domain taken down temporarily last week as a result of complaints about phishing abuse. Domain registrar TierraNet told ZDNet that it took down the domain after repeatedly asking Zoho to mitigate the phishing issues. Zoho’s domain has since been brought back online, but anyone using Zoho was out of luck while it was down. A report released Tuesday by Cofense, a company that provides phishing protection services, suggests that the complaints of abuse were not unfounded. Cofense says that, based on an analysis of keylogger data theft where email is used to exfiltrate the data, domains owned by Zoho account for moving […]

The post Report: Zoho’s domain regularly exploited to move keylogger data appeared first on Cyberscoop.
