Financial Malware


A ransomware attack disrupted the MOPT in Costa Rica

The government sector in Costa Rica has suffered another ransomware attack, a separate campaign from the recent disruption caused by the Conti ransomware actors. Last week, the country’s Ministry of Public Works and Transport (MOPT) disclosed that 12 of its servers were encrypted by attackers. Moreover, the government contacted Costa Rica’s National Security Directorate and...

Titan Stealer, the latest addition to Golang-based infostealer

Threat actors now offer a new Golang-based information stealer called Titan Stealer on a Telegram channel. Reports revealed that this newly emerged infostealer could steal information from compromised Windows devices, such as saved data from browsers and cryptocurrency wallets. Other investigations revealed that this infostealer could harvest FTP client details, and critical files, take screenshots,...

Batloader exploited legitimate tools in the final quarter of 2022

The Batloader malware operators actively ran numerous malicious operations globally last year. Researchers revealed that during the group’s campaign, it had adopted multiple attack strategies, including exploiting legitimate tools and malvertising techniques to spread malware. A research group tracked an entire cluster of operations used by the malware operators under ‘Water Minyades’ that started in...

CrySIS ransomware continues to upgrade its capabilities

The CrySIS ransomware family has evolved into newer versions, which has allowed it to remain active in the cybercriminal landscape. Its operators have continued to repurpose and utilise new versions despite the leak of the source code of one of its variants. Hence, the ransomware stayed afloat, and researchers encountered new variants of this ransomware family. CrySIS...

Gootkit malware targets Australia’s healthcare sector

The Gootkit malware attacks against the Australian healthcare sector have significantly increased recently. Researchers claimed that the malware operators had used legitimate tools like the VLC Media Player to spread their payload. The Gootkit malware is notorious for employing SEO poisoning attacks for initial access. This malware usually infects and exploits legitimate infrastructure and plants...

Lorenz ransomware sets backdoors to prepare for future attacks

The Lorenz ransomware operators completed their attacks months after they gained access to their target’s network via an exploit for a critical flaw in a telephony system. Researchers warn users about patching critical vulnerabilities since it could still allow cybercriminals to access their networks. Based on reports, some threat groups have started exploiting the vulnerabilities...

SpyNote malware infections surged after source code leak

Researchers revealed that SpyNote malware infections have dramatically increased in the last quarter of 2022. The surge of this strain was attributed to the latest source code leak of the malware called SpyNote[.]C. According to investigations, the SpyNote malware has three variants called SpyNote[.]A, SpyNote[.]B, and SpyNote[.]C. Moreover, its operators spread these malware variants by...

New CatB ransomware utilises DLL hijacking to bypass security

Researchers have discovered a new ransomware strain called CatB. Based on reports, the ransomware could perform MSDTC service DLL hijacking to deploy and run its payload. Researchers initially uncovered the ransomware sample a couple of months ago, and it shares several features with the Pandora ransomware operation. The newfound CatB ransomware executes multiple strategies...

Bristol Community College suffered a ransomware attack

The campus of Bristol Community College in Attleboro, Massachusetts announced last week that its computer network had been impacted by a cybercriminal attack that involved ransomware encryption. Based on reports, the college identified a network interruption incident that affected its onsite internet and network functions, such as email, shared document sites, and information systems, for...

Iowa PBS station allegedly breached by Royal ransomware

Researchers recently linked the Royal ransomware group to numerous cyberattacks, and the group has reportedly attacked the Iowa PBS station in its latest campaign. A spokesperson from the affected Public Broadcasting Service stated that the cyberattack occurred a couple of months ago after their team observed suspicious activity on their systems. The broadcasting station said they immediately...