Malware news & analysis | SC Media Malware

Malware

Malware redirecting visitors found on 2,000 WordPress sites

More than 2,000 WordPress sites have been infected with malicious JavaScript that redirects visitors to scam websites and sets the stage for additional malware to be downloaded at a later time. The Sucuri team said access is gained to WordPress sites through plugin vulnerabilities, including Simple Fields and CP Contact Form with PayPal. A large…

The first half of 2013 saw a 355 percent uptick in social spam. Facebook is a big target.

Renewed Emotet phishing activity targets UN, government and military users

Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at least 82 countries with spam and crafted a special phishing campaign targeting the United Nations. Meanwhile, an additional report has revealed an increase in Emotet phishing activity targeting government and military entities over the last…

Bahraini oil company reportedly attacked by new ‘Dustman’ disk wiper

Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29 disk wiper attack that officials believe originated from Iran-backed hackers. Iran is historically associated with past disk wiper campaigns against energy companies, most notably the destructive Shamoon or Disttrack malware attack against the Saudi Arabian…

Attackers distill essence of Mirai IoT botnet into LiquorBot malware

Researchers recently uncovered another descendant of the Mirai Internet of Things botnet, this one featuring Monero cryptocurrency mining capabilities. Dubbed LiquorBot, the botnet malware is written in Go programming language and seems to use the same command-and-control infrastructure as Mirai. Sometimes, attack campaigns have even paired both LiquorBot and Mirai together in malicious dropper scripts,…

New Magecart skimmers practice steganography, data transfer via WebSocket

A researcher has discovered a pair of new Magecart-style web skimmers, each one featuring an evasion technique that’s not typically employed by this breed of malware: steganography and the transfer a data via the WebSocket protocol. The researcher, who uses the handle @AffableKraut, posted his two findings on Twitter last month, prompting the team from…

Travelex sidelines online financial services following malware discovery

Foreign exchange financials company Travelex has suspended its UK-based digital services offline since New Year’s Eve, following the discovery of an undisclosed malware program. As of Jan. 3 at 11:30 a.m. ET, the London-based company remains unable to conduct monetary transactions via its website or app. Services are still being conducted manually, however. “We have…

Attackers sink their meathooks into Landry’s restaurants’ payment card data

The Houston-based steakhouse, restaurant and hospitality company Landry’s, Inc. has advised customers of a point-of-sale malware attack that stole payment card data from an order-entry system used to process kitchen and bar orders. According to a company breach notification, Landry’s food and beverage locations typically use point-of-sale terminals featuring end-to-end encryption technology that protects the…

Three GozNym members sentenced domestically, internationally

A three-year-old investigation and prosecution of cybercriminals aligned with the multinational GozNym network resulted last week in the sentencing of a Bulgaria resident in a Pittsburgh federal court. In a related action, a Tbilisi, Georgia court handed down prison sentences of seven and nine years to two Georgian members of the group, following a lengthy trial. In…

Rising sea and spam levels? Emotet campaign uses Greta Thunberg as lure

An Emotet banking trojan phishing campaign was spotted using the name of activist Greta Thunberg as a lure to target individuals concerned with climate change. The attackers behind the campaign recently sent out fake invitations to a nonexistent “climate crisis” demonstration supposedly led by the young Swedish activist, who was named Time’s 2019 Person of…

Next post in Security News