Jan 06, 2023Ravie LakshmananCryptocurrency / GitHub A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group "primarily targets cloud platforms offering limited-time trials of cloud resources in order to … [Read more...] about Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
campaign
New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
Dec 29, 2022Ravie LakshmananOnline Security / Malvertising Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of Google … [Read more...] about New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
Researchers Detail New Malware Campaign Targeting Indian Government Employees
The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. "This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications," Zscaler ThreatLabz researcher … [Read more...] about Researchers Detail New Malware Campaign Targeting Indian Government Employees
Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs
A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday. The intrusions, originally attributed to a threat actor named Scarlet Mimic back in January 2016, is said to have encompassed 20 different variants of the Android … [Read more...] about Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs
New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers
Organizations in the Spanish-speaking nations of Mexico and Spain are in the crosshairs of a new campaign designed to deliver the Grandoreiro banking trojan. "In this campaign, the threat actors impersonate government officials from the Attorney General's Office of Mexico City and from the Public Ministry in the form of spear-phishing emails in order to lure victims to … [Read more...] about New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers
Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread
A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets. "Mars Stealer is being distributed via social engineering techniques, malspam campaigns, malicious software cracks, and keygens," Morphisec malware researcher Arnold Osipov said in … [Read more...] about Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread
OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign
Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled .msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in … [Read more...] about OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign
Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
The Iranian state-sponsored threat actor known as MuddyWater has been attributed to a new swarm of attacks targeting Turkey and the Arabian Peninsula with the goal of deploying remote access trojans (RATs) on compromised systems. "The MuddyWater supergroup is highly motivated and can use unauthorized access to conduct espionage, intellectual property theft, and deploy … [Read more...] about Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign
Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine
Microsoft on Friday shared more of the tactics, techniques, and procedures (TTPs) adopted by the Russia-based Gamaredon hacking group to facilitate a barrage of cyber espionage attacks aimed at several entities in Ukraine over the past six months. The attacks are said to have singled out government, military, non-government organizations (NGO), judiciary, law enforcement, and … [Read more...] about Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine
StellarParticle Campaign: Novel Tactics and Techniques
StellarParticle is a campaign tracked by CrowdStrike as related to the SUNSPOT implant from the SolarWinds intrusion in December 2020 and associated with COZY BEAR (aka APT29, “The Dukes”). The StellarParticle campaign has continued against multiple organizations, with COZY BEAR using novel tools and techniques to complete their objectives, as identified by CrowdStrike … [Read more...] about StellarParticle Campaign: Novel Tactics and Techniques