Malware News, Articles and Updates

LuminosityLink RAT author pleads guilty

Federal prosecutors accused 21-year-old Colton Ray Grubbs of conspiring with others to market and distribute the malware for $40 as an affordable hacking option to more than 8,600 customers, according to Europol.

Researchers: 'Roman Holiday' malware campaign appears to be Russia targeting Italian navy

The Russian threat group Fancy Bear appears to be behind a recent campaign that may have targeted Italy's navy with an updated version of the APT group's XAgent backdoor malware, according to researchers.

Cryptomining campaign targeting web servers vulnerable to Drupalgeddon 2.0 nets $11,000

An ongoing malware campaign that attempts to exploit web servers susceptible to the Drupalgeddon 2.0 bug in order to infect them with an XMRig-based cryptominer has generated around $11,000 in profits since commencing last April and peaking on May 20.

Ammyy Admin site found pushing banking malware, uses World Cup as cover

Cybercriminals again managed to compromise the Ammyy Admin website; this time, on June 13 and 14, they had it serve malware in addition to the site's legitimate free remote administration tool.

Malware at nine B&B Hospitality Group restaurants in New York targeted payment info

The breach occurred between March 1, 2017 and May 8, 2018, and hackers may have walked away with card numbers, names, expiration dates, internal verification codes and other payment data.

Cryptojacking operation leverages shortlinks and traffic distribution system to infect users

A cryptojacking operation that injects legitimate websites with secret Coinhive shortlinks was recently discovered to be part of an even larger malicious infrastructure that redirects innocent site visitors to servers that distribute both web-based and standard cryptominers.

Updated Rakhni malware strain can be ransomware or a cryptominer

The five-year-old Trojan-Ransom.Win32.Rakhni family has received a facelift that now allows it to decide whether to install its traditional ransomware or to drop a cryptominer instead.

Bot infects connected devices with miner linked to Chinese money scam site

Researchers have uncovered a malware bot that infects Linux-based servers and connected devices with a cryptominer that appears to transfer funds to the operators of a Chinese money-making scam website.

Hidden malware in Fortnite cheating app shells gamers with barrage of ads

Gamers who recently downloaded a Fortnite cheating app in order to gain an unfair advantage over fellow players found they had a hard time surviving a barrage of malicious ads that followed.

2.3 million cryptocurrency wallet addresses being scanned by new clipboard hijacker

That number is about four times what Bleeping Computer normally sees being tracked by this type of malware.

VMware released security updates for vSphere ESXi, Workstation Pro, Fusion Pro

Three of the vulnerabilities are rated important and successful exploitation of these issues may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs.

PBot adware family growing longer

The Python code-based PBot (PythonBot) adware family, much like its reptilian cousins, has continued to grow since it was first spotted last year, adding several new features, including a cryptocurrency miner.

539 percent uptick in attacks targeting consumer-grade routers since, study

The first quarter of 2018 saw a dramatic increase in the number of cyberattacks targeting consumer-grade routers.

Report: Russia may be readying cyberattack against Ukraine

One year after the global NotPetya disk wiper incident that both the U.S. and UK have attributed to Russia, Moscow-backed hackers may be on the verge of launching another large-scale damaging cyberattack against Ukraine, according to a Tuesday Reuters report citing a Ukrainian law enforcement official.

Fake WannaCry sent via phishing emails

Cybercriminals are once again looking to extort victims by piggybacking off the success of WannaCry with their own scareware demanding bitcoin based on fear rather than an actual ransomware attack.

Hackers weaponised secure USB drives to target air-gapped networks

A cyber-espionage group is targeting a specific type of secure USB drive created by a South Korean defence company in a bid to gain access to its air-gapped networks.

$50 Kardon beta malware allows customers to build own botnets

A new commercial malware dropper was discovered on sale in its beta form at the low price of $50, promising customers the ability to open their own botshop: the purchaser can rebuild the bot and sell access to others, creating their own clientele.

60,000 Android devices hit with ad-clicking bot malware

A new malicious Android app has infected at least 60,000 devices, gaining the ability to extract some important information from each device and installing ad-click malware.

Monero-mining Drupal malware targets network systems

Cybercriminals are delivering Monero-mining malware designed to turn entire systems into mining bots via a Drupal vulnerability that was patched back in April of this year.

Fortnite for Android scam uncovered

Cybercriminals are taking advantage of gamers' insatiable desire, and lack of patience, for the latest hot game in order to lead unsuspecting gamers into a well-constructed click fraud scam.

Malicious version of Syscoin's Windows installer found on GitHub

Malicious actors replaced the legitimate Windows installer for Syscoin's cryptocurrency earlier this month with a version containing malware, which was available on the company's GitHub page for several days.

FBI, DHS report details new North Korean trojan

Some of the positive vibes taken away from President Trump's recent meeting with North Korea's Kim Jong Un may be tempered following a joint DHS-FBI report detailing a new trojan dubbed Typeframe being used by the Hermit Kingdom.

AI startup Clarifai hacked by Russian operatives during Pentagon Maven project, lawsuit claims

An incident report says that the company's code and customer data could have fallen prey to malware from Russia in November 2017.

Privacy by design BSI standard being developed for IoT devices and apps

BSI confirms that it is running the secretariat for a new ISO Project Committee developing ISO 23485 Consumer protection - Privacy by design for consumer goods and services - aimed at protecting consumers' domestic privacy.