Malware | SC Media

Malware

U.S. urges Linux users to secure kernels from new Russian malware threat

Linux users should not assume they are safe from the ambitions and reach of reputed Russian hacking group Fancy Bear, which has been using a newly disclosed malware toolset to establish a command-and-control connection with infected Linux systems. Called Drovorub, the toolset essentially creates a backdoor that enables file downloads and uploads, the execution of…

Botnet abuses Docker servers and crypto blockchain to deliver Doki backdoor

As user organizations move more of their business infrastructure off premises, cybercriminals become increasingly motivated to target Linux-based cloud environments, including Docker servers with misconfigured API ports. And while cryptojacking schemes comprise some of the more conventional varieties of these Linux-based malware attacks, researchers have just disclosed the discovery of a Docker container attack that…

Dacls RAT’s goals are to steal customer data and spread ransomware

The Dacls remote access trojan that is capable of attacking Windows, Linux and macOS environments has been used to distribute VHD ransomware and to target customer databases for attempted exfiltration, according to researchers. Kaspersky on Wednesday revealed this latest intel on Dacls in a company blog post and corresponding press release that also detailed an…

Docker attackers devise clever technique to avoid detection

In what researchers say is a first, attackers are performing a new container attack technique in the wild, whereby they build their own malicious images on a targeted host instead of pulling preexisting ones from a public registry. This maneuver allows the adversaries to avoid static detection by scanners that are programmed to look for…

More Chinese tax software found to dish out backdoor malware

A second tax software program associated with the Chinese banking industry has now been found to contain an embedded backdoor that secretly grants attackers SYSTEM-level privileges. In late June, researchers from Trustwave SpiderLabs reported that accounting software called Intelligence Tax, developed by Chinese information security company Aisino Corporation and distributed to global clients of an…

Unsealed indictment alleges Kazakh man is behind Fxmsp hacking group

Federal prosecutors have indicted Andrey Turchin, a 37-year-old citizen of Kazakhstan, on five criminal counts related to his alleged involvement in a financially motivated cybercriminal hacking collective known as Fxmsp that the Department of Justice says cost victims tens of millions of dollars. Turchin — who also individually goes by the alias Fxmsp — and…

Hidden purpose of Mac ‘ransomware’ EvilQuest is data exfiltration, say researchers

Researchers have developed a decryption tool for the recently discovered EvilQuest ransomware program designed to target Mac machines. But several analysts now concur that EvilQuest’s malicious encryption may be more of a decoy, while the program’s true purpose appears to be data exfiltration. In a new blog post this week, Thomas Reed, director of Mac…
