Financial Malware

Financial Malware Page 1

Telegram Bot Hackers Data Stealer WooCommerce Website Protection Credit Card Skimmer CMS

Telegram bot used by hackers to steal data from WooCommerce sites

Hackers deploying Telegram bot to steal troves of data from WooCommerce websites have been found. These malicious adversaries used credit card skimmers, leading to several cases of credit card theft reported on an eCommerce site. The first scenario is that a website owner received numerous complaints from customers who reported faulty transactions on their cards...
Continue Reading
Malibot Malware Android Devices Steal Crypto Assets

Malibot malware hits Android devices to steal crypto assets

Italy and Spain were targeted by a new cyberattack campaign that utilises a new Android banking malware dubbed MaliBot. The new malware variant has been observed imitating cryptocurrency mining apps and the Chrome internet browser to target its victims. The studies conducted on the MaliBot banking malware show how the new variant could steal the...
Continue Reading
Chinese Hackers SeaFlower Gang Compromised Web3 Wallets

Chinese-speaking SeaFlower gang spreads compromised Web3 wallets

A highly sophisticated Chinese threat gang called SeaFlower has been infecting iOS and Android users as part of its cybercriminal campaign that pretends to be an official cryptocurrency wallet website. The campaign is intended to spread backdoored applications that can potentially drain their target’s crypto funds. The chain of activity was said to be first...
Continue Reading
PingPull Malware Gallium Threat Group Cyberattacks Chinese Hackers

New PingPull malware used by Gallium threat group for their attacks

A Chinese-speaking advanced persistent threat group called Gallium has been discovered utilising a newfound remote access trojan, PingPull malware, for its cyber-espionage campaigns. The group is known for attacking different industries in Europe, Africa, and Southeast Asia (SEA). The PingPull malware is a very challenging backdoor for researchers to detect since it uses the Internet...
Continue Reading
Analysts Hello XD Ransomware Malware Babuk MicroBackdoor

Analysts uncover new features established for the Hello XD ransomware

A surge in the malicious activities of the Hello XD ransomware was recently identified, with new ransomware samples deployed to execute stronger encryption on the compromised networks. Experts explained that the ransomware variant has stemmed from the leaked source code of the Babuk ransomware. Based on its first observed activities last November, Hello XD had...
Continue Reading
SVCReady Newest Addition Malicious Malware Family MS Word Phishing Email

SVCReady is the newest addition to the malicious malware family

Researchers have monitored spam attacks spread by a new malware variant called SVCReady. The campaign has been operating since April, utilising an unorthodox malware delivery method via MS Word. According to the researchers, the operators behind it deployed numerous updates in May and noticed that the malware appears to be in the development stage and...
Continue Reading
Qbot Black Basta Hackers TTPs

Qbot and Black Basta joined forces to establish new TTPs

The Qbot hacking group and the Black Basta ransomware have joined forces to gain initial access to numerous targets such as corporate environments. Qbot is notorious for stealing banking credentials and Windows domain and launching additional payloads. Researchers have reported the ongoing partnership between the two groups after the traces of them were found present...
Continue Reading
Hackers Follina Flaw Qbot Malware Infostealer Banking Trojan Windows Vulnerability

Hackers are now abusing the Follina flaw to spread the Qbot malware

From the earlier reports about a newly discovered zero-day vulnerability affecting Windows OS, tracked Follina (CVE-2022-30190), security experts had been reporting to have seen threat operators abuse the flaw via phishing attacks to spread the Qbot malware. Included in the recent bug exploit was the TA413 threat group targeting the Tibetan diaspora. Furthermore, the TA570...
Continue Reading
Windows 11 OS Magniber Ransomware Cyberattacks Microsoft

Windows 11 is now prone to the upgraded Magniber ransomware attacks

The operators of the Magniber have upgraded their ransomware with new capabilities. The ransomware operation of the group has not changed much, but researchers explained that it can now target Windows 11 operating system. This progress is a considerable upgrade for the Magniber operators as they can now exploit all systems on Windows, significantly increasing...
Continue Reading
REvil Ransomware DDoS Extortion Cyberattack

REvil ransomware linked to a recent DDoS extortion attack

A coordinated DDoS or distributed denial-of-service attack had been recently detected, which experts attribute to the notorious ransomware gang dubbed REvil. Based on an intelligence team’s report, the recently detected DDoS attack had targeted Akamai Technologies’ customers, involving an HTTP GET request that demanded the victims a BTC payment for them to stop launching attacks....
Continue Reading
1 2 3 46