Malware News, Articles and Updates

More BankBot apps sneak into Google store; UAE banks added to malware's targets

The Google Play store once again has been invaded with apps carrying BankBot Android banking malware that uses fake overlay screens to fool banking app users into giving away their credentials.

Samsung announces bug bounty for devices and services

Samsung is joining the ranks of Apple and other competitors and looking to boost the security of its platforms with the launch of its own bug bounty program.

Minnesota park computers infected with malware

The malware was found after a noticeable uptick in unusual activity.

Return of the EMOTET Trojan, spreads via spambots

Trend Micro researchers spotted the return of the EMOTET trojan, this time spreading via spambots.

NIST develops guidelines for dealing with ransomware recovery

NIST, along with vendors and businesses within the cybersecurity community, teamed up to develop a recovery guide for firms hit with ransomware attacks.

Pacifier APT backdoor components have suspected ties to Russia-linked Turla Group

Bitdefender researchers spotted three new Pacifier APT backdoor components that appear to link the group's cyberespionage campaigns against government institutions to the Russia-linked Turla Group.

ElTest campaign switches payload from ransomware to RAT

A social engineering scam orchestrated by the ElTest hacking group just had its final payload switched from ransomware to a remote access trojan, indicating a possible change in motive, researchers at Palo Alto Networks have reported.

Secret backdoor in trojan builder kit designed to double-cross its users

A free remote access trojan builder kit that was recently observed in cybercrime forums secretly contains an injected backdoor module that allows the kit's authors to take over the malware later, unbeknownst to the attackers wielding it.

Major malspam campaign pushing Locky ransomware via spoofed internal email addresses

A large malspam campaign using spoofed email addresses has attempted to infect recipients with ransomware in roughly 20 million detected attacks since Tuesday, researchers from Barracuda Networks have reported.

Lip reading AI bot attacks may be on the horizon

As technology improves and merges malware with artificial intelligence, timeless methods such as covering one's mouth may become more important than ever.

Turla APT group linked to Gazer backdoor that spies on embassies

A previously undocumented backdoor program used to spy on foreign embassies and consulates appears to be the work of suspected Russian APT group Turla, researchers from ESET have reported.

Researchers unite to quash 'WireX' DDoS botnet composed of Android devices

Security researchers from at least seven major companies collaborated this month to subdue a DDoS botnet composed of compromised Android devices operating in more than 100 different countries.

Hackers rewrite Jimmy Nukebot malware to change its goals and tasks

The Jimmy Nukebot trojan has become more modular to increase flexibility and make static analysis much more complicated, showing an ability to adapt to the goals and tasks set before a botnet to take advantage of a new source.

ICYMI: infected apps; LinkedIn; NHS breach; GPS spoofing; board training

In case you missed it: dodgy Google Play apps again; LinkedIn hit; NHS database breach; GPS spoofing US Navy?; board training lacking

Researchers spot build your own malware apps for ransomware

Symantec researchers have spotted mobile malware factories in the wild which allow wannabe malware authors to develop custom malware on their own devices without having to write a single line of code.

Chinese national arrested in relation to OPM breach

U.S. officials arrested a Chinese national who is accused of being involved in the 2015 OPM breach.

Researcher spots uptick in WAP-billing Trojan-Clickers

Kaspersky Lab researcher Roman Unuchek spotted an uptick in WAP-billing trojan-clickers from different cybercriminal groups targeting users in Russia and India.

Android Oreo includes new Google Play Protect security feature

Google's Android Oreo includes a host of new security features designed to protect users' devices and data from malicious apps.

Researchers find more malware-infested apps on Google Play

BankBot found in apps uploaded by same author on Google Play, abuses Accessibility Service feature

Online role-playing games on unofficial websites caught dispensing 'Joao' downloader

Attackers have been compromising popular online role-playing games from Aeria Games on unofficial websites, in order to infect players with a malware downloader called Joao, researchers from ESET have reported.

New fileless cryptocurrency miner abuses WMI, leverages EternalBlue Windows exploit

A newly discovered fileless cryptocurrency miner has been targeting the Asia-Pacific region, leveraging the EternalBlue Windows SMB exploit to drop a backdoor while abusing Microsoft WMI as its persistence mechanism.

Flaw in LinkedIn Messenger could harbour malware

When a valid file is uploaded and sent, LinkedIn's security protections scan the attachment for malicious activity, but attackers could bypass the security restrictions and attach a malicious file to the LinkedIn messaging service.