Researchers Found an Adware Malware Downloaded More Than 13 million Times on Google Play and the App Store

Researchers from the Satori Threat Intelligence group at the company HUMAN have found adware in 75 apps on Google Play and 10 more in the Apple App Store. In total, this adware has been installed more than 13 million times. Experts informed Google and Apple of their findings, and all malicious applications have already been removed from the official Android …

A Dissatisfied Developer Leaked the LockBit Ransomware Builder to the Public

Information security specialists reported that the builder of the well-known encryptor LockBit was published in the public domain. Apparently, LockBit 3.0 was leaked by a dissatisfied developer or a competitor of the group. Let me remind you that the LockBit hack group released version 3.0 of the LockBit malware in June 2022 and at the same time introduced its own …

Researchers Discover Backdoor-Infected Version of PuTTY

Mandiant analysts have warned of a backdoor-infected version of the PuTTY utility, presumably created by North Korean hackers from the UNC4034 group (aka Temp.Hermit or Labyrinth Chollima). Apparently, a malicious version of PuTTY is being used to break into organizations that are of interest to attackers. Let me remind you that we also wrote that Pirated Software Like Hacked 3DMark …

Access to Microsoft Teams Authentication Tokens Is Possible without Downloading Complex Malware

Information security specialists have discovered a serious vulnerability in the Microsoft Teams desktop application: a bug allows access to authentication tokens, which, as it turns out, are stored in plain text format, without any protection. Let me remind you that we also reported that SVCReady Malware Loader Uses Microsoft Office Documents for Attack. Researchers from the information security company Vectra …

The EvilProxy Phishing Platform Offers a 2FA Bypass for Apple, Google, Microsoft, etc.

Resecurity experts discovered the EvilProxy phishing platform, which offers reverse proxies to unskilled attackers and promises to steal authentication tokens to bypass multi-factor authentication (MFA) at Apple, Google, Microsoft, Twitter, GitHub, GoDaddy, Facebook and so on. Let me remind you that we also wrote that SVCReady Malware Loader Uses Microsoft Office Documents for Attack, as well as that Beta Version …

Chrome Allows Sites to Interact with the Clipboard without Permission

In Google Chrome version 104, a bug was accidentally discovered due to which sites no longer need explicit user permission to write to the clipboard. Experts note that similar functionality for interacting with the system clipboard is also available in Safari and Firefox, but these browsers have protection based on user gestures. Let …

Pirated Software Like Hacked 3DMark Is Used to Distribute RedLine Infostealer

Zscaler specialists discovered several malicious campaigns in which the RedLine infostealer is distributed under the guise of various pirated software, including 3DMark, Adobe Acrobat Pro, MAGIX Sound Force Pro, and so on. Let me remind you that we also talked about RedLine Stealer Malware Masks as Bots to Buy Binance NFT Mystery Boxes. The researchers say that SEO poisoning and …

BugDrop Malware Is Already Able to Bypass the Security Mechanisms of Android 13

Threat Fabric experts say that BugDrop malware developers have already learned how to bypass the new Restricted setting security feature introduced by Google in Android 13. This week, Google released Android 13: the new version of the OS has been deployed to Google Pixel devices, and the source code has been published on AOSP. In this release, the developers tried …

SOVA Android Malware Will Receive a New Encryptor Module

The SOVA Android malware is evolving and is now capable of infecting at least 200 mobile apps, including banking and cryptocurrency trading apps. It should be clarified that the first version of the Trojan could infect only 90 applications. According to the latest data from the Italian company Cleafy, new versions of the malware are able to intercept two-factor authentication …

Hackers Use Dark Utilities to Create C&C Infrastructure

Cisco Talos analysts have discovered a new service, Dark Utilities, which hackers actively use. It provides an easy and inexpensive way for hackers to create a command center for their malicious operations. Let me remind you that we also wrote that Chinese Hackers Use Manjusaka Instead of Cobalt Strike, and also that Raspberry Robin Malware Uses Hacked Qnap Devices …
