Financial Malware


WHO impersonated in phishing campaign to spread the Nerbian RAT

Nerbian RAT, a new remote access trojan recently found by experts, has advanced capabilities such as evading security detection and analysis by security researchers. Written in the Go programming language, the new trojan is a cross-platform 64-bit threat spread through a small-scale phishing campaign using macro-laced documents. The malware was discovered in...

UNC3524 intrigues experts with their advanced obfuscation tactics

A hacking group dubbed UNC3524 has been found using thorough strategies to intrude into corporate networks and steal data. According to experts, the threat group remained hidden from its victims for over 18 months while collecting information associated with mergers, acquisitions, and financial transactions. UNC3524 was first detected in December 2019. They utilised a wide...

Analysts found three cybercriminal sub-groups working for the TA410 gang

Recent research conducted by cybersecurity analysts revealed that the TA410 threat gang controls an operation containing three sub-groups. Although the groups are under the same umbrella, they have different tactics, techniques, and procedures for striking their victims. The three sub-groups working under TA410 are JollyFrog, FlowingFrog, and LookingFrog. These three groups work separately but...

Black Basta may be connected to the Conti ransomware group

A new ransomware group called Black Basta has infected about a dozen organisations, and some researchers claim that it may have a link to the notorious Conti gang. The appearance of Black Basta was first discovered last month. Researchers also noted that they had already compiled samples regarding the new threat in February. The threat...

The GOLD ULRICK group continues to adapt Conti ransomware’s scheme

A newly discovered threat group called GOLD ULRICK continues to adapt and operate the Conti name-and-shame ransomware scheme and has adjusted well to the massive data leak of Conti ransomware’s source code. Based on recent findings, Conti is still actively circulating in the wild despite experiencing enormous data leaks from security researchers. The efforts of many...

New malware that exploits the INITECH Process is linked to Lazarus gang

Researchers link the North Korean-sponsored Lazarus group to a new malware that targeted over 40 institutions. The recent attacks in the first months of this year revealed further details regarding the malware attacking organisations by spoofing an executable of INISAFE CrossWeb EX version 3, a security program of INITECH. The threat actors input the malware...

Internet Explorer security flaw gets abused to spread RedLine attacks

New data revealed that threat actors are reutilising the RedLine malware in their cyberattacks against networks from over 150 countries in April this year. In January, researchers first identified a campaign that exploits the CVE-2021-26411 security flaw of the web browser Internet Explorer to spread the malware. RedLine stealer is a password-stealing malware available on...

Lemon Duck botnet breached Docker servers to launch crypto mining

A massive Monero crypto mining attack using the Lemon Duck botnet has targeted the Docker Application Programming Interface (API) on Linux servers. Researchers said its operators launch the botnet attacks to target misconfigured Docker systems. Based on sample analysis, the threat actors operating the recent Lemon Duck campaign hide their crypto wallets behind proxy pools. Moreover,...

Emotet malware returns to continue its sophisticated attack campaigns

A year after its shutdown, the Emotet malware operation has resurfaced in the threat landscape to continue its attacks. Security analysts listed the malware as the top malicious tool deployed by its operators, which impacted about 10% of firms worldwide in March of this year. Moreover, the analysts have observed a rapid acceleration of...

Crypto and blockchain firms warned about Lazarus APT’s campaigns

Recent reports revealed that the North Korean government backs the Lazarus advanced persistent threat (APT) group in targeting companies and investors using cryptocurrency and blockchain with crypto applications injected with malware. Several law enforcement agencies, including the FBI, CISA, and the US Treasury Department, have issued a joint warning that alerts cryptocurrency and blockchain firms...