Security experts from Kaspersky Lab have uncovered a new spam campaign leveraging the Loki Bot malware to target corporate mailboxes. The Loki Bot attacks started in July and aimed at stealing passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets Loki Bot operators employ various social engineering technique to trick victims into opening weaponized attachments that […]
On August 13, ASERT observed the Cobalt crime gang actively pushing a new campaign aimed at institutions in eastern Europe and Russia. Security experts from Netscout’s ASERT uncovered a new campaign carried out by the Cobalt cybercrime group. The attacks were detected on August 13, 2018, experts revealed that the hackers targeted also the NS Bank in Russia and Carpatica/Patria in […]
Fappening – The hacker George Garofano (26) who leaked celebrities naked photos and attempted to trade them was sentenced to 8 months in prison The sentence for the fourth hacker involved in the leakage of celebrities naked photos, also known as the Fappening case, has arrived. George Garofano, 26, of North Branford, has been sentenced to […]
Today I’d like to share a full path analysis including a KickBack attack which took me to gain full access to an entire Ursniff/Gozi botnet. In other words:Â from a simple “Malware Sample” to “Pwn the Attacker Infrastructure”. NB: Federal Police have already been alerted on such a topic as well as National and International […]
A youngster (20) from Washington was indicted last week on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori. MalwareMustDie Team: âItâs time for every teenager or young man to know that playing with malware is the fastest way to finish in the jailâ Mirai, Mirai […]
A hacker is offering for sale the personal details of over 130 million hotel chain guests on a Chinese Dark Web forum. The news was reported by Bleeping computers, a hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin on a Chinese Dark Web forum. “The breach was reported […]
According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of the exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2. The PoC code was published on GitHub and experts were warning of […]
Security researchers at Proofpoint security have discovered a previously undocumented downloader tracked as AdvisorsBot that was involved in malicious email campaigns. AdvisorsBot was uncovered in malicious email campaigns, attributed to the TA555 threat actor, targeting hotels, restaurants, and telecommunications entities. The name âAdvisorsBotâ comes from the early command and control (C&C) domains that all contained the word […]
Hackers claim to have stolen the personal details of almost 20,000 Superdrug customers who shopped online at the cosmetics retailer. The British Superdrug is the last victim of a security breach, hackers claim to have stolen the personal details of almost 20,000 people who shopped online at the cosmetics retailer. Hackers accessed customersâ names, addresses and in some cases […]
Researchers from Trustwave have uncovered a malspam campaign targeting banks with the FlawedAmmyy RAT. The peculiarity of this malspam campaign is the unusual use of a Microsoft Office Publisher file to infect victimsâ systems. Experts noticed an anomalous spike in the number of emails with a Microsoft Office Publisher file (a .pub attachment) and the subject line, âPayment Advice,â that was sent to domains belonging […]