Latest coverage for Malware
The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.
For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.
Mac Malware Threat: Hackers Seek Cryptocurrency Holders
Lazarus Group in Particular Using Cross-Platform Languages to Hit macOS TargetsCryptocurrency-seeking hackers are increasingly targeting macOS users. So warn security researchers as they track a rise in macOS backdoors and information-stealing malware, much of which traces back to a well-known cryptocurrency heist culprit: North Korea.
FakeCall Malware Menaces Android Devices
Government Sector Suffers 236% Surge in Malware Attacks
Malware-related attacks against global government organizations increased 236% year-on-year in Q1 2024, according to SonicWall
Updated FakeCall Malware Targets Mobile Devices with Vishing
The new FakeCall variant uses advanced vishing tactics, featuring Bluetooth for device monitoring
Vishing, Mishing Go Next-Level With FakeCall Android Malware
A new variant of the sophisticated attacker tool gives cybercriminals even more control over victim devices to conduct various malicious activities, including fraud and cyber espionage.
Android malware "FakeCall" now reroutes bank calls to attackers
A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker's phone number instead. [...]
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware
Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute information known as SYS01stealer
Uncle Sam outs a Russian accused of developing Redline infostealing malware
Or: why using the same iCloud account for malware development and gaming is a bad idea The US government has named and charged a Russian national, Maxim Rudometov, with allegedly developing and administering the notorious Redline infostealer. …
Russian Indicted by US for Developing Redline Infostealer
Unsealed Complaint Charges Maxim Rudometov With Developing and Selling MalwareAn international crackdown against two prominent strains of information-stealing malware continues, as the U.S. government unsealed an indictment charging Russian national Maxim Rudometov with being a developer and administrator of the Redline infostealer tied to millions of stolen credentials.
Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting
US also charges an alleged Redline dev, no mention of an arrest International law enforcement officials have arrested two individuals and charged another in connection with the use and distribution of the Redline and Meta infostealer malware strains.…
Kremlin-Backed Hackers Have New Windows And Android Malware To Foist On Ukrainian Foes
FBI, Partners Disrupt RedLine, Meta Stealer Operations
A collaboration with the FBI and law-enforcement agencies in Europe, the UK, and Australia, Operation Magnus has seized servers and source code related to the two malware families, which have stolen data from millions of victims worldwide.
Russian charged by U.S. for creating RedLine infostealer malware
The United States announced charges today against Maxim Rudometov, a Russian national, for being the suspected developer and administrator of the RedLine malware operation, one of the most prolific infostealers over the past few years. [...]
Russia Kneecaps Ukraine Army Recruitment With Spoofed 'Civil Defense' App
Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.
Russia Tied to Ukrainian Military Recruit Malware Targeting
Anti-Mobilization Messaging Lead to Malware-Pushing 'Civil Defense' SitePotential Ukrainian military recruits are being targeted by a "hybrid espionage and information operation" - likely Russian - involving Telegram anti-mobilization messaging and a "Civil Defense" website designed to distribute Windows and Android malware, warns Google's Threat Intelligence Group.
Russia targets Ukrainian conscripts with Windows, Android malware
A hybrid espionage/influence campaign conducted by the Russian threat group 'UNC5812' has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. [...]
Russian Malware Campaign Targets Ukrainian Recruits Via Telegram
Google researchers have observed Russian threat actor UNC5812 using a malware campaign via Telegram to access the devices of Ukrainian military recruits
Dutch Police and FBI Infiltrate Info-Stealer Infrastructure
Cops Recover Redline, Meta Infostealer Data; Promise Criminal Users: 'See You Soon'The Dutch National Police, working with the FBI, say they've disrupted the Redline and Meta info-stealing malware services after obtaining "full access" to them, including source code and extensive details pertaining to their users, with follow-on "legal actions" now "underway."
Russian Espionage Group Targets Ukrainian Military with Malware via Telegram
A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense