Spyware Predator Uses Five 0-day Vulnerabilities to Attack Android Users

Analysts at the Google Threat Analysis Group (TAG) have discovered that government hackers use five zero-day vulnerabilities at once to install the Predator spyware, created by commercial spyware developer Cytrox. We also previously reported that a vulnerability in the WordPress Tatsu Builder plugin is under attack. The researchers say they recorded three campaigns that lasted from August to …

Vulnerability in WordPress Tatsu Builder Plugin Is under Attack

Experts warn that hackers are exploiting en masse an RCE vulnerability (CVE-2021-25094) in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 sites. According to experts, about 50,000 sites still use the vulnerable version of the plugin, although the patch has been available since early April. We also previously reported that malware for iPhone can work even …

Malware for iPhone Can Work Even When the Device Is Turned Off

Researchers from the Darmstadt University of Technology have developed iPhone malware that can run even when the device is turned off. It all started when the scientists investigated the implementation of low-power mode (LPM) on the iPhone and found that it carries serious security risks and even allows attackers to run malware on devices that are turned off. Experts say …

RedLine Stealer Malware Masks as Bots to Buy Binance NFT Mystery Boxes

Cybersecurity specialists discovered a new campaign to distribute the Russian malware RedLine Stealer on YouTube. The malware is advertised as a bot for buying Binance NFT mystery boxes, but what victims actually download onto their systems is not a bot but the data-stealing malware. Mystery boxes with NFTs are similar to game loot boxes: each such virtual box …

Raspberry Robin Malware Has Worm Features and Abuses Windows Installer

Analysts from Red Canary have discovered new malware for Windows called Raspberry Robin, which has the properties of a worm and spreads via USB drives. The researchers write that they found the malware in the networks of several of their clients, among which were unnamed companies from the technology and manufacturing sectors. We also previously wrote …

New Bumblebee Malware Downloader Became a Replacement for BazarLoader for Hackers

A newly discovered malware loader called Bumblebee is likely the latest development by the Conti syndicate to replace the BazarLoader backdoor. BazarLoader has been used in attacks to deliver ransomware payloads. We also recently reported that Onyx malware destroys large files instead of encrypting them, and that Quantum ransomware operators carried out the attack …

Onyx Malware Destroys Large Files Instead of Encrypting Them

Security researchers warned about an unpleasant feature of the Onyx ransomware (although what kind of malware can have nice features?): the ransomware destroys large files (more than 2 MB in size) instead of encrypting them. Unfortunately, it will not be possible to decrypt the data, even if the victim pays the ransom. We also previously wrote …

Quantum Ransomware Operators Carried Out the Attack in Less Than 4 Hours

The Quantum ransomware, first discovered in August 2021, was used in a fast network attack. The attackers used the IcedID malware as one of their initial access vectors, which deploys Cobalt Strike for remote access and leads to data theft and encryption with Quantum. By the way, our website has instructions on how to remove malware and decrypt files after …
