MineBridge Is on the Rise, With a Sophisticated Delivery Mechanism

Introduction
The MineBridge RAT was first identified in January 2020 by security researchers at FireEye, who observed the backdoor attacking financial institutions in the United States, with some targets located in South Korea as well. MineBridge …

New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing

In one of his regular sweeps for new malicious software targeting Android phones, security researcher Vitor Ventura came across what looked like a run-of-the-mill hacking tool. Like so many pieces of code before it, the malware was capable of stealing information from a mobile device and sending it back to a command and control server. But when Ventura dug deeper, he found that the remote access trojan (or RAT, as the tool is commonly known) was capable of surreptitiously recording conversations and taking screenshots. Spying, rather than immediately making money off of the illicit access, was the apparent goal. On Tuesday, Ventura and his colleagues at Talos, Cisco’s threat intelligence unit, publicly connected the new Android tool to the malware developers behind a multi-year effort to spy on people from South America to Bangladesh. Much about the people behind the hacking campaign is a mystery. Ventura and his colleagues […]

The post New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing appeared first on CyberScoop.


CinaRAT Resurfaces With New Evasive Tactics and Techniques

Introduction
In this post, we will be covering the CinaRAT loader's evasive TTPs (tactics, techniques, and procedures) as identified and prevented by Morphisec’s zero-trust endpoint security solution, powered by moving target defense technol…

Police arrest 2 in connection with CyberSeal, Dataprotector crime services

Romanian police have arrested two people for allegedly distributing malicious software designed to evade anti-virus protections to more than 1,560 accused cybercriminals, Europol, the European Union’s law enforcement agency, said Friday. The international crackdown, which Europol and the FBI supported, targeted a decade-long scheme that provided crooks with relatively cheap access to victim computers, which they used to carry out information-stealing and ransomware attacks. The two Romanian suspects, whom authorities did not identify, allegedly ran “crypting” services designed to sneak malicious code past anti-virus software. The services, dubbed CyberSeal and Dataprotector, sold for between $40 and $300, according to Europol. The two suspects also allegedly offered cybercriminals access to a platform to test their malware against anti-virus software for as little as $7. It’s the latest effort by global law enforcement agencies to strike at the heart of infrastructure used by people accused of facilitating costly hacking schemes. Europol and Australian police […]

The post Police arrest 2 in connection with CyberSeal, Dataprotector crime services appeared first on CyberScoop.


Russian Espionage Group Updates Custom Malware Suite

Turla has outfitted a trio of backdoors with new C2 tricks and increased interop, as seen in an attack on a European government.

There’s a New Golang-written RAT in Town

Security researchers at Bitdefender have discovered a new Golang-written RAT that targets devices by using the CVE-2019-2725 (Oracle WebLogic RCE) vulnerability identified last year. Unlike other bots that have exploited this vulnerability, it doesn’t …

Spies hacked Azerbaijan government officials as Nagorno-Karabakh conflict escalated

More than 200 people have died in clashes between ethnic Armenian separatists and Azerbaijani government forces over the breakaway region of Nagorno-Karabakh in the last 10 days. It’s the worst outbreak of violence related to Nagorno-Karabakh since Armenia and Azerbaijan, two former Soviet republics, fought a war over the enclave in the 1990s. And this time, hacking has come with the fighting. Unidentified spies have in recent weeks been quietly breaching Azerbaijani government IT networks and accessing the diplomatic passports of certain officials, according to new research from Talos, Cisco’s threat intelligence unit. The Talos data shows how digital espionage often coincides with bursts of violence in modern war. Days after Azerbaijan’s president made a call to mobilize reserve soldiers, the hackers used a fake Azerbaijani government document on the same subject as bait. The malicious code embedded in the document can exfiltrate data from a compromised computer and gives the […]

The post Spies hacked Azerbaijan government officials as Nagorno-Karabakh conflict escalated appeared first on CyberScoop.
