Malware – Page 18 – Search.AI.Wiki

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices.

A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. Infected devices were …

Potentially millions of Android TVs and phones come with malware preinstalled

Enlarge / Cybercriminals or anonymous hackers use malware on mobile phones to hack personal and business passwords online. (credit: Getty Images)

Overall, Android devices have earned a decidedly mixed reputation for security. While the OS itself and Google's Pixels have

…

US Gov offers a $10M reward for a Russian ransomware actor

The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks

The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for …

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack.

The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response …

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023.

Since January 2023, Check Point Research monitored a series of targeted attacks aimed at European foreign affairs entities that have been …

Lancefly APT uses powerful Merdoor backdoor in attacks on Asian orgs

The Lancefly APT group is using a custom powerful backdoor called Merdoor in attacks against organizations in South and Southeast Asia.

Symantec researchers reported that the Lancefly APT group is using a custom-written backdoor in attacks targeting organizations in South …

New RA Group ransomware gang is the latest group using leaked Babuk source code

A previously unknown ransomware group known as RA Group is targeting companies in U.S. and South Korea with leaked Babuk source code.

Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at …

Introducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally.

DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the …

The latest variant of the RapperBot botnet adds cryptojacking capabilities

FortiGuard Labs Researchers spotted new samples of the RapperBot botnet that support cryptojacking capabilities.

FortiGuard Labs researchers have discovered new samples of the RapperBot bot that added cryptojacking capabilities.

Researchers from FortiGuard Labs first discovered the previously undetected RapperBot IoT …

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

We are in the final!

Please vote for Security Affairs (https://securityaffairs.com/) as the best …

Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol

The CheckMate ransomware operators have been targeting the Server Message Block (SMB) communication protocol used for file sharing to compromise their victims’ networks.

Unlike most ransom campaigns, CheckMate, discovered in 2022, has been quiet throughout its operations. To the best …

Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE

U.S. CISA and FBI warned of attacks conducted by the Bl00dy Ransomware Gang against the education sector in the country.

The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector …

Leaked source code of Babuk ransomware used by 10 different ransomware families targeting VMware ESXi

The leak of the source code of the Babuk ransomware allowed 9 ransomware gangs to create their own ransomware targeting VMware ESXi systems.

SentinelLabs researchers have identified 10 ransomware families using VMware ESXi lockers based on the source code of …

Leaked source code of Babuk ransomware used by 10 different ransomware families targeting VMware ESXi

The leak of the source code of the Babuk ransomware allowed 9 ransomware gangs to create their own ransomware targeting VMware ESXi systems.

SentinelLabs researchers have identified 10 ransomware families using VMware ESXi lockers based on the source code of …

The Black Basta ransomware gang hit multinational company ABB

Swiss electrification and automation technology giant ABB suffered a Black Basta ransomware attack that impacted its business operations.

Swiss multinational company ABB, a leading electrification and automation technology provider, it the last victim of the notorious Black Basta ransomware group.…

DownEx cyberespionage operation targets Central Asia

A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia.

In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain …

US disrupts Russia-linked Snake implant’s network

The US government announced to have disrupted the peer-to-peer (P2P) network of computers compromised by the Snake malware.

The Snake implant is one of the most sophisticated implants used by Russia-linked threat actors for cyberespionage purposes. The malware has been …

Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points.

FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked …

New CACTUS ransomware appeared in the threat landscape

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks.

Researchers from cybersecurity firm Kroll have analyzed on a new ransomware family called CACTUS that has been …

Money Message gang leaked private code signing keys from MSI data breach

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site.

In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation …