A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware. RedLine … [Read more...] about New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
variant
Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS
Feb 21, 2024NewsroomMalware / Cyber Espionage The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only … [Read more...] about Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Jan 01, 2024NewsroomWindows Security / Vulnerability Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages executables commonly … [Read more...] about New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. "Most of the group's Phobos variants are distributed by SmokeLoader, a backdoor trojan," security researcher Guilherme Venere … [Read more...] about 8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
Nov 07, 2023NewsroomEndpoint Security / Malware A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection. "The GootLoader group's introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as … [Read more...] about New GootLoader Malware Variant Evades Detection and Spreads Rapidly
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Sep 05, 2023THNCyber Threat / Malware Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in … [Read more...] about New Python Variant of Chaes Malware Targets Banking and Logistics Industries
New ‘RustBucket’ Malware Variant Targeting macOS Users
Jul 01, 2023Ravie LakshmananEndpoint Security / Malware Researchers have pulled back the curtain on an updated version of an Apple macOS malware called RustBucket that comes with improved capabilities to establish persistence and avoid detection by security software. "This variant of RustBucket, a malware family that targets macOS systems, adds persistence capabilities not … [Read more...] about New ‘RustBucket’ Malware Variant Targeting macOS Users
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
May 16, 2023Ravie LakshmananEndpoint Security / Cyber Threat A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target Apple macOS systems. The findings come from SentinelOne, which observed an uptick in the number of Geacon payloads appearing on VirusTotal in recent months. "While some of these are likely … [Read more...] about Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
CrowdStrike Uncovers I2Pminer MacOS Mineware Variant
CrowdStrike analyzed an I2Pminer variant that targets macOS The mineware utilizes I2P to hide XMRig network traffic The CrowdStrike Falcon® platform provides continuous protection against mineware threats by offering real-time visibility across workloads CrowdStrike recently analyzed a macOS-targeted mineware campaign that utilized malicious application bundles to deliver open … [Read more...] about CrowdStrike Uncovers I2Pminer MacOS Mineware Variant
New Mirai Botnet Variant ‘V3G4’ Exploiting 13 Flaws to Target Linux and IoT Devices
Feb 17, 2023Ravie LakshmananIoT Security / Cyber Attack A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by … [Read more...] about New Mirai Botnet Variant ‘V3G4’ Exploiting 13 Flaws to Target Linux and IoT Devices