Financial Malware Page 1

The government sector in Costa Rica has suffered another ransomware attack, a separate campaign from the recent disruption caused by the Conti ransomware actors. Last week, the country’s Ministry of Public Works and Transport (MOPT) disclosed that 12 of its servers were encrypted by attackers. Moreover, the government contacted Costa Rica’s National Security Directorate and...Continue Reading

Threat actors now offer a new Golang-based information stealer called Titan Stealer on a Telegram channel. Reports revealed that this newly emerged infostealer could steal information from compromised Windows devices, such as saved data from browsers and cryptocurrency wallets. Other investigations revealed that this infostealer could harvest FTP client details, and critical files, take screenshots,...Continue Reading

The Batloader malware operators actively utilised numerous malicious operations globally last year. Researchers revealed that during the group’s campaign, it had adopted multiple attack strategies, including exploiting legitimate tools and malvertising techniques to spread malware. A research group tracked an entire cluster of operations used by the malware operators under ‘Water Minyades’ that started in...Continue Reading

The CrySIS ransomware family has evolved to newer versions, which allowed them to remain active in the cybercriminal landscape. Its operators have continued to repurpose and utilise new versions despite the leak of source code in one of its variants. Hence, the ransomware stayed afloat, and researchers encountered new variants of this ransomware family. CrySIS...Continue Reading

The Gootkit malware attacks against the Australian healthcare sector have significantly increased recently. Researchers claimed that the malware operators had used legitimate tools like the VLC Media Player to spread their payload. The Gootkit malware is notorious for employing SEO poisoning attacks for initial access. This malware usually infects and exploits legitimate infrastructure and plants...Continue Reading

The Lorenz ransomware operators completed their attacks months after they gained access to their target’s network via an exploit for a critical flaw in a telephony system. Researchers warn users about patching critical vulnerabilities since it could still allow cybercriminals to access their networks. Based on reports, some threat groups have started exploiting the vulnerabilities...Continue Reading

Researchers revealed that SpyNote malware infections have dramatically increased in the last quarter of 2022. The surge of this strain was attributed to the latest source code leak of the malware called SpyNote[.]C. According to investigations, the SpyNote malware has three variants called SpyNote[.]A, SpyNote[.]B, and SpyNote[.]C. Moreover, its operators spread these malware variants by...Continue Reading

Researchers have newly discovered a malicious cyberspace entity called CatB ransomware. Based on reports, the ransomware could perform MSDTC service DLL hijacking to deploy and run its payload. Researchers initially uncovered the ransomware sample a couple of months ago, sharing several features with the Pandora ransomware operation.   The newfound CatB ransomware executes multiple strategies...Continue Reading

The campus of Bristol Community College in Attleboro, Massachusetts announced last week that its computer network had been impacted by a cybercriminal attack that involved ransomware encryption. Based on reports, the college identified a network interruption incident that affected its onsite internet and network functions, such as email, shared document sites, and information systems, for...Continue Reading

Researchers recently linked the Royal ransomware group to numerous cyberattacks and have reportedly attacked the Iowa PBS station in its latest campaign. A spokesperson from the affected Public Broadcasting Service stated that the cyberattack occurred a couple of months ago after their team observed suspicious activity on their systems. The broadcasting station said they immediately...Continue Reading