Malware news & analysis | SC Media

Malware

Hidden Cobra adds to its malware arsenal: CISA

The DHS Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation have released a report on six new or upgraded malware variants being used by North Korea. The malware types included are Bistromath, Slickshoes, Crowdedflounder, Hotcroissant, Artfulpie, Buffetline and Hoplight. Hoplight is a previously recorded malware believed to be used by the…

Mac cyberattacks double in 2019: Malwarebytes

The Apple ecosystem has long been considered the safer environment compared to Windows when it comes to being targeted by cyberattacks, but that is no longer necessarily the case. Almost twice as many attacks were recorded against Mac endpoints in 2019 compared to those running Windows, Malwarebytes revealed in its 2020 State of Malware Report.…

Phishing emails lure victims with news of coronavirus’ impact on shipping

Looking to capitalize on the current coronavirus scare, malware distributors have launched a new phishing campaign that targets global companies with emails that suggest that the virus could disrupt shipping operations. According to a Feb. 10 research blog post authored by Sherrod DeGrippo, senior director of threat research and detection at Proofpoint, the malicious actors have…

Tricky new malware strain, Dyre, skirts detection and steals banking credentials

Metamorfo banking malware spreads around the world

A new variant of the Metamorfo banking malware is on the loose, targeting a wider range of financial institutions than the original version and tricking victims into typing in sensitive information, which it then steals. Fortinet’s FortiGuard Labs captured an example of the newest edition, noting that unlike its predecessor, which only aimed at Brazilian…

Cybercriminals abuse Bitbucket to infect users with potpourri of malware

A newly discovered attack campaign has been abusing the online storage platform Bitbucket to maintain and update a wide assortment of malware, in a plot to infect computer users who download free, cracked versions of commercial software from the internet. Researchers at Cybereason’s Nocturnus team, who uncovered the threat, estimate that more than 500,000 machines…

TA505 phishing campaign uses HTML redirectors to spread info stealer

The cybercriminal group TA505 has reportedly changed up its tactics again, now engaging in phishing campaigns that leverage attachments with HTML redirectors in order to deliver Excel documents containing malware. Following a short period of inactivity, the group resumed activities last month with a scheme designed to get victims to install the information-stealing Trojan GraceWire,…

Laptop containing patient data goes missing from Mississippi hospital

Hackers play on Coronavirus fears to spread Emotet

Cybercriminals are exploiting fears over the outbreak of Coronavirus in China, sending out emails with malicious Word attachments purportedly providing updates on preventing infection but in actuality delivering the Emotet trojan. “Patients were reported about the new type of coronavirus-related pneumonia, mainly in Takeshi, China. Patients have been reported in Gifu Prefecture in Japan,Therefore, please…

Tampa Bay Times hit by Ryuk, new variant of stealer aimed at gov’t, finance

On the heels of a Ryuk ransomware attack on the Tampa Bay Times, researchers reported a new variant of the Ryuk stealer being aimed at government, financial and law enforcement targets. The Times attack didn’t result in a breach, noted David Ruiz, of Malwarebytes Labs, who cited the Times Publishing Company Chief Digital Officer Conan…

Three Magecart operatives arrested in Indonesia

Several members of a group allegedly behind hundreds of Magecart-style attacks were arrested last month in Indonesia as the result of an international law enforcement operation. Interpol’s ASEAN Cyber Capability Desk and the Indonesian National Police just announced late last week the December 20, 2019 arrest of three members of a group allegedly behind a…
