TechCrunch reports that the Purple Fox malware, which was first discovered in 2018, is increasingly growing in size due to a new infection method that spreads the malware from one machine to another. The malware targets the server message block to guess weak user account passwords from internet-facing Windows computers, said Guardicore researchers Amit Serper and Ophir Harpaz, who revealed the new technique. Once it has accessed the computer, the malware then delivers a malicious payload and installs a rootkit that makes it harder to be removed or detected. "The fact that it’s an opportunistic attack that constantly scans the internet and looks for more vulnerable machines means that the attackers can sort of 'set it and forget it'," said Serper, Guardicore’s vice president of security research for North America. According to Guardicore data, Purple Fox infections have risen by 600% since May of last year, and the actual number could amount to more than 90,000 infections in the previous year.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
BleepingComputer reports that Android devices could have their data compromised and be eventually hijacked in attacks with the novel Brokewell banking trojan.
Attacks leveraging fraudulent job lures to distribute the new Kaolin RAT malware have been launched by North Korean hacking collective Lazarus Group against individuals across Asia last summer, reports The Hacker News.
Millions of devices could still be compromised by the abandoned PlugX USB worm with self-replicating functionality, with infections logged from almost 2.5 million IP addresses over a six-month period beginning September 2023, according to Ars Technica.