⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More
It’s Monday again
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
It’s Monday again
Rhadamanthys, VenomRAT and Elysium Targeted in OperationA multinational law enforcement operation resulted in the arrest of a remote access Trojan operator and the seizure of over 1,000 info stealer and botnet servers. Authorities took down 1,025 servers associated with the Rhadamanthys infostealer, the Venom RAT and a botnet dubbed Elysium.
A global law enforcement operation has taken down the Rhadamanthys infostealer, VenomRAT trojan and the Elysium botnet
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong
Off-Brand Android Devices Come Infrected With A TrojanA botnet infected more than 1 million off-brand Android devices manufactured in China, reached consumers with a backdoor already installed. Scammers used the devices for programmatic ad fraud, click fraud and converting the devices into a residential proxy.
Chinese-speaking adversaries are using a fresh Android banking Trojan to take over devices and initiate fraudulent money transfers from financial institutions across Latin America, Italy, Portugal, and Spain.
Qakbot Wouldn't Be the First Trojan to Come Back After a TakedownTakedowns aren't always forever in cyberspace. Months after a U.S. law enforcement operation dismantled the notorious Qakbot botnet, security researchers said signs are pointing to a resurgence. Someone with access to the Qakbot - also known as Qbot - source code is experimenting with new builds.
The remote access trojan (RAT) known as Remcos RAT has been found being propagated via webhards by disguising it as adult-themed games in South Korea
Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.
A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed
A previously unknown campaign involving the Hotabot botnet malware has targeted Spanish-speaking users in Latin America since at least November 2020, infecting them with a banking trojan and spam tool. [...]
The Emotet malware is now being leveraged by ransomware-as-a-service (RaaS) groups, including Quantum and BlackCat, after Conti's official retirement from the threat landscape this year
Crimeware groups are re-inventing themselves The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.…
A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft
The banking Trojan-turned-ransomware-distribution tool has been a potent threat since late 2019.
One of the most dangerous and infamous threats is back again. In January 2021, global officials took down the botnet. Law enforcement sent a destructive update to the Emotet's executables. And it looked like the end of the trojan's story. But the malware never ceased to surprise. November 2021, it was reported that TrickBot no longer works alone and delivers Emotet. And ANY.RUN with colleagues