Malware

200-plus impressively convincing GitHub repos are serving up malware

Infosec bytes Plus: DOGE staff quit; LastPass PC, Mac gasp; and CISA warns Oracle and Adobe flaws under attack

Security26 Feb 2025 | 9

China's Silver Fox spoofs medical imaging apps to hijack patients' computers

Sly like a PRC cyberattack

Research25 Feb 2025 | 2

Malware variants that target operational tech systems are very rare – but 2 were found last year

Fuxnet and FrostyGoop were both used in the Russia-Ukraine war

Research25 Feb 2025 | 3

Snake Keylogger slithers into Windows, evades detection with AutoIt-compiled payload

Because stealing your credentials, banking info, and IP just wasn’t enough

Research18 Feb 2025 | 8

XCSSET macOS malware returns with first new version since 2022

Known for popping zero-days of yesteryear, Microsoft puts Apple devs on high alert

Research17 Feb 2025 | 6

Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims

OCR plugin great for extracting crypto-wallet secrets from galleries

Cyber-crime07 Feb 2025 | 7

Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet

Who could be so interested in chips, manufacturing, and more, in the US, UK, Europe, Russia...

Networks25 Jan 2025 | 78

FBI wipes Chinese PlugX malware from thousands of Windows PCs in America

Hey, Xi: Zài jiàn!

Cyber-crime14 Jan 2025 | 31

Japanese police claim China ran five-year cyberattack campaign targeting local orgs

‘MirrorFace’ group found ways to run malware in the Windows sandbox, which may be worrying

Security09 Jan 2025 | 6

FireScam infostealer poses as Telegram Premium app to surveil Android devices

updated Once installed, it helps itself to your data like it's a free buffet

Research06 Jan 2025 | 5

'That's not a bug, it's a feature' takes on a darker tone when malware's involved

Opinion Mummy, where do zero days come from?

Security23 Dec 2024 | 24

UK ICO not happy with Google's plans to allow device fingerprinting

Infosec in brief Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more

Security23 Dec 2024 | 75

Are your Prometheus servers and exporters secure? Probably not

Infosec in brief Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more

Security15 Dec 2024 | 1

Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks

IOCONTROL targets IoT and OT devices from a ton of makers, apparently

Research13 Dec 2024 | 14

First-ever UEFI bootkit for Linux in the works, experts say

Bootkitty doesn’t bite… yet

Research27 Nov 2024 | 14

Swiss cheesed off as postal service used to spread malware

QR codes arrive via an age-old delivery system

Bootnotes16 Nov 2024 | 34

Don't open that 'copyright infringement' email attachment – it's an infostealer

Curiosity gives crims access to wallets and passwords

Research07 Nov 2024 | 21

Cybercrooks are targeting Bengal cat lovers in Australia for some reason

In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos

Research06 Nov 2024 | 15

Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting

US also charges an alleged Redline dev, no mention of an arrest

Cyber-crime29 Oct 2024 | 1

Dutch cops pwn the Redline and Meta infostealers, leak 'VIP' aliases

Legal proceedings underway with more details to follow

Cybersecurity Month28 Oct 2024 | 5

Perfctl malware strikes again as crypto-crooks target Docker Remote API servers

Attacks on unprotected servers reach 'critical level'

Cybersecurity Month24 Oct 2024 | 1

Pixel perfect Ghostpulse malware loader hides inside PNG image files

Miscreants combine it with an equally tricky piece of social engineering

Cybersecurity Month22 Oct 2024 | 31

Internet Archive wobbles back online, with limited functionality

DDoS detectives deduce Mirai used to do the deed, using home entertainment boxes in Korea, China, and Brazil

Cybersecurity Month16 Oct 2024 | 14

Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware

USB sticks help, but it's unclear how tools that suck malware from them are delivered

Cybersecurity Month09 Oct 2024 | 23

'Critical' CUPS vulnerability chain easy to use for massive DDoS attacks

Infosec In Brief Also, rooting for Russian cybercriminals, a new DDoS record, sneaky Linux server malware and more

Cybersecurity Month07 Oct 2024 | 5

NCA unmasks man it suspects is both 'Evil Corp kingpin' and LockBit affiliate

Aleksandr Ryzhenkov alleged to have extorted around $100M from victims, built 60 LockBit attacks

Cybersecurity Month01 Oct 2024 |

Necro malware continues to haunt side-loaders of dodgy Android mods

Updated 11M devices exposed to trojan, Kaspersky says

Cyber-crime23 Sep 2024 | 2

Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town

No malware crew linked to this latest red-teaming tool yet

Research23 Sep 2024 |

What a coincidence. Spyware makers, Russia's Cozy Bear seem to share same exploits

Google researchers note similarities, can't find smoking-gun link

Security29 Aug 2024 | 3

Proof-of-concept code released for zero-click critical IPv6 Windows hole

If you haven't deployed August's patches, get busy before others do

OSes28 Aug 2024 | 14

Microsoft mistake blows up admins' inboxes with fake malware alerts

Updated Legitimate emails misclassified in software snafu

Security26 Aug 2024 | 11

RansomHub-linked EDR-killing malware spotted in the wild

Infosec in brief Also: Your external-facing NetSuite sites need a review; five popular malware varieties for Q2, and more

Security19 Aug 2024 | 1

SharpRhino malware targets IT admins – Hunters International gang suspected

Fake Angry IP Scanner will make you furious - or maybe remind you of how the Hive gang went about its banal business

Security07 Aug 2024 |

Bad apps bypass Windows security alerts for six years using newly unveiled trick

Windows SmartScreen and Smart App Control both have weaknesses of which to be wary

Research06 Aug 2024 | 16

Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secrets

Malware logs users' keystrokes, pilfers credentials, exfiltrates data

Research05 Aug 2024 | 15

Breaking the economy of trust: How busts affect malware gangs

Feature It's hard to track down individuals, so why not disrupt the underground market itself?

Malware Month02 Aug 2024 | 6

Five months after takedown, LockBit is a shadow of its former self

Feature An unprecedented period for an unparalleled force in cybercrime

Malware Month31 Jul 2024 | 19

'LockBit of phishing' EvilProxy used in more than a million attacks every month

Insight Leaves a trail of ransomware infections, data theft, business email compromise in its wake

Malware Month30 Jul 2024 | 7

Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank

May even have targeted other malware gangs, and infosec researchers

Cyber-crime26 Jul 2024 | 9

Beware of fake CrowdStrike domains pumping out Lumma infostealing malware

PSA: Only accept updates via official channels ... ironically enough

Malware Month25 Jul 2024 | 3

Cybercrooks spell trouble with typosquatting domains amid CrowdStrike crisis

Latest trend follows various malware campaigns that began just hours after IT calamity

Cyber-crime23 Jul 2024 | 4

FrostyGoop malware shut off heat to 600 Ukraine apartment buildings

First nasty to exploit Modbus to screw with operational tech devices

Malware Month23 Jul 2024 | 11

Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs

Major vendors' products scuppered by novel techniques

Research18 Jul 2024 | 5

Iran's MuddyWater phishes Israeli orgs with custom BugSleep backdoor

India, Turkey, also being targeted by campaign that relies on corporate email compromise

Malware Month17 Jul 2024 | 11

Cyber-crime super-crew Scattered Spider falls in love with RansomHub and Qilin

Extortionists left hanging after rivals crawled into the woodwork

Malware Month16 Jul 2024 |

I spy another mSpy breach: Millions more stalkerware buyers exposed

Infosec in brief Also: Velops routers love plaintext; everything is a dark pattern; Internet Explorer rises from the grave, and more

Security15 Jul 2024 | 8

Three words to send a chill down your spine: Snowflake. Intrusion. Alert

Kettle And can AI save us from the scourge of malware? In theory, why not, but in practice ... Color us skeptical

CSO13 Jul 2024 | 7

IcedID henchman gets nine years in clanger for abusing malware to drain bank accounts

The slippery Ukrainian national must also pay a hefty $74 million on top of the jail time

Malware Month12 Jul 2024 | 7

China's APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox

Meet DodgeBox, son of StealthVector

Malware Month12 Jul 2024 |

Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems

IT giant says data exfiltration was extremely difficult to detect

Malware Month10 Jul 2024 | 8

ViperSoftX variant spotted abusing .NET runtime to disguise data theft

Freeware AutoIt also used to hide entire PowerShell environments in scripts

Malware Month10 Jul 2024 | 3

Houthi rebels are operating their own GuardZoo spyware

Interview Fairly 'low budget', unsophisticated malware, say researchers, but it can collect the same data as Pegasus

Malware Month09 Jul 2024 |

Avast secretly gave DoNex ransomware decryptors to victims before crims vanished

Updated Good riddance to another pesky tribe of miscreants

Malware Month08 Jul 2024 | 12

Not-so-OpenAI allegedly never bothered to report 2023 data breach

security in brief Also: F1 authority breached; Prudential victim count skyrockets; a new ransomware actor appears; and more

Security08 Jul 2024 | 5

Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown

Private sector helped out with week-long operation – but didn't touch China

Malware Month04 Jul 2024 | 7

Baddies hijack Korean ERP vendor's update systems to spew malware

Notorious 'Andariel' crew takes a bite of HotCroissant backdoor for fresh attack

Malware Month02 Jul 2024 |