VanHelsing: Cross-Platform Ransomware Service Targets Global Organizations
A sophisticated new ransomware-as-a-service called VanHelsing has emerged, targeting multiple operating systems with advanced encryption capabilities. The malware has already claimed victims across the US and France, with affiliates receiving up to 80% of ransom payments that can reach $500,000.
DollyWay Malware Campaign: The Eight-Year Evolution of a WordPress Threat
A sophisticated malware operation called DollyWay has compromised over 20,000 WordPress sites since 2016, redirecting millions of visitors to fraudulent pages. The campaign's third iteration employs advanced techniques like cryptographic signing and multiple injection methods to maintain persistence.
New Linux Backdoor 'Auto-color' Targets Academic and Government Systems
A sophisticated Linux backdoor dubbed 'Auto-color' is actively compromising universities and government institutions across North America and Asia. The stealthy malware grants attackers extensive remote access, is notably difficult to detect and remove, and features a kill switch that hampers forensic investigations.
Massive Black Basta Ransomware Leak Exposes Criminal Empire's Inner Workings
A groundbreaking data breach has revealed over 200,000 private messages from the Black Basta ransomware group, providing unprecedented insight into their sophisticated attack methods and internal conflicts. The leak, spanning a year of communications, details the organization's methodical approach to targeting critical infrastructure and major institutions worldwide.
Malicious Steam Game 'PirateFi' Caught Stealing User Credentials and Sensitive Data
A free game on Steam was discovered containing dangerous malware designed to steal passwords and sensitive information before being removed by Valve. The Vidar info-stealer malware reportedly compromised hundreds of users' data, prompting urgent security measures.
North Korean Hackers Deploy Deceptive 'ClickFix' Social Engineering Tactic
Kimsuky, a sophisticated North Korean hacking group, has been observed using a new social engineering technique called 'ClickFix' to target South Korean users. The attackers trick victims into running malicious PowerShell scripts through fake browser notifications and spear-phishing campaigns.
Browser Syncjacking: The Dangerous New Chrome Attack That Hijacks Your Entire Computer
Researchers uncover 'browser syncjacking', a sophisticated cyberattack that uses malicious Chrome extensions to gain complete control of victims' devices. The attack exploits Google's browser sync feature to steal sensitive data while evading detection through legitimate-looking prompts and minimal permissions.
NGate Malware Exploits NFC Technology to Clone Payment Cards and Steal Money
A sophisticated malware campaign targeting Czech banks uses Android phones to relay NFC payment card data to attackers, enabling fraudulent ATM withdrawals. The scheme, which operated from late 2023 until a recent arrest, combines social engineering and modified open-source code to steal banking credentials and clone cards.
XE Group Evolves from Card Skimming to Zero-Day Exploitation in Supply Chain Attacks
Notorious cybercrime group XE Group has shifted tactics from credit card theft to exploiting critical vulnerabilities in supply chain software. The group now leverages sophisticated zero-day exploits and web shells to maintain long-term unauthorized access to manufacturing and distribution systems.
Avery Discovers Credit Card Theft Malware During Ransomware Attack Investigation
Avery Products uncovers a widespread credit card skimming operation affecting 67,000 customers while investigating a December ransomware incident. The malware, active for six months, captured sensitive payment details including CVV numbers, leading to reports of fraud.