Fake IT bods on Microsoft Teams coax workers into installing malware
Unit 42 says attackers are posing as helpdesk staff and persuading employees to hand over remote control before dropping EtherRAT trojan
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Unit 42 says attackers are posing as helpdesk staff and persuading employees to hand over remote control before dropping EtherRAT trojan
Infosec buffs say Windows users could have been infected with a nasty trojan, while Mac users got off lightly
Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios Updated One of npm's most widely used HTTP client libraries briefly became a malware delivery vehicle after attackers hijacked a maintainer's account and slipped a remote-access trojan (RAT) into two seemingly legitimate axios releases, in what's being described as "one of the most impactful npm supply chain attacks on record."…
Some coyotes hunt squirrels, this one hunts users' financial apps A new variant of the Coyote banking trojan abuses Microsoft's UI Automation (UIA), making it the first reported malware to use UIA for credential theft.…
11M devices exposed to trojan, Kaspersky says The Necro trojan is once again making a move against Android users, with up to eleven million individuals thought to be exposed to infected apps.…
More malware scum using acessibility features to steal personal info Singapore-based infosec outfit Group-IB on Thursday released details of a new Android trojan that exploits the operating system's accessibility features to steal info that enables theft of personal information.…
Banking trojan still going strong as feds put bulletproof hosting point man behind bars The last of the three men said to be responsible for infecting Windows computers with the banking trojan Gozi has been sentenced to three years.…
Operators stay ahead of defenders with new access methods and C2 infrastructure The Qbot malware operation – which started more than a decade ago as banking trojan only to evolve into a backdoor and a delivery system for ransomware and other threats – continues to deftly adapt its techniques to stay ahead of security pros, according to a new report.…
Malware-seekers were diverted to the Feds, severing a Croatian connection International law enforcement agencies have claimed another victory over cyber criminals, after seizing the website, and taking down the infrastructure operated by crims linked to the NetWire remote access trojan (RAT).…
Any act that sends so much as a ruble to seven named netizens now forbidden The US and UK have sanctioned seven Russians for their alleged roles in disseminating Conti and Ryuk ransomware and the Trickbot banking trojan.…
No horse heads in beds...that we know of Crooks are using an Android banking Trojan dubbed Godfather to steal from banking and cryptocurrency exchange app users in 16 countries, according to Group-IB security researchers…
Insert your Trojan joke here Security researchers at Microsoft have discovered a bug in macOS that lets malicious apps bypass Apple's Gatekeeper security software "for initial access by malware and other threats." …
Smells like Russian miscreants A type of cryptomining malware targeting Linux-based systems has added capabilities by incorporating an open source remote access trojan called Chaos RAT with several advanced functions that bad guys can use to control remote operating systems.…
Info-stealing trojan is hidden in malicious PyPI packages on GitHub WASP malware is using steganography and polymorphism to evade detection with malicious Python packages designed to steal credentials, personal information, and cryptocurrency.…
And one designed to slip ransomware and data-stealing code onto infected machines URSNIF, the malware also known as Gozi that attempts to steal online banking credentials from victims' Windows PCs, is evolving to support extortionware.…
Beware what could be hiding in those LNK shortcuts A tool sold on the dark web that allows cybercriminals to build malicious shortcuts for delivering malware is being used in a campaign pushing a longtime .NET keylogger and remote access trojan (RAT) named Agent Tesla.…
Ah, nothing like a classic Trojan horse Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches.…
Euro man allegedly known as 'Virus' faces years behind bars if convicted A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges.…
Crimeware groups are re-inventing themselves The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.…
Plus: Android trojan in 100,000+ app installs, Solaris malware Cybersecurity researchers with Cisco have outlined probable links between the BlackMatter/DarkSide ransomware ring responsible for last year's high-profile raid on the Colonial Pipeline, and an emerging ransomware-as-a-service product dubbed BlackCat.…