FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021
The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.
Search across headline titles and summaries.
Background for this topic.
Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.
For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021
Cool, but it's 2024 – needs more hype, hand wringing, and flashy staged demos to be proper ML Google has open sourced Magika, an in-house machine-learning-powered file identifier, as part of its AI Cyber Defense Initiative, which aims to give IT network defenders and others better automated tools.…
Mark Sokolovsky Has Fought Extradition From the Netherlands Since March 2022 ArrestA Dutch court extradited a Ukrainian national to the United States, where he faces criminal charges related to his role in the malware-as-a-service Raccoon Stealer. The extradition of Mark Sokolovsky, 28, comes nearly two years after Netherlands police arrested him in March 2022.
Nearly a decade on the FBI’s Cyber Most Wanted List after getting banks to empty vics' accounts A Ukrainian cybercrime kingpin who ran some of the most pervasive malware operations faces 40 years in prison after spending nearly a decade on the FBI's Cyber Most Wanted List.…
Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor
Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report
Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups. [...]
Southeast Asia is learning the hard way that biometric scans are nearly as easy to bypass as other kinds of authentication data, thanks to a creative banking Trojan.
The feds disrupted a Russian intelligence SOHO router botnet notable for being built with Moobot malware rather than custom code.
GRU Hackers Commandeered 'Moobot' for CyberespionageThe U.S. federal government says it disrupted a criminal botnet that Russian military intelligence had converted into a platform for global cyberespionage. The malware targets Linux-based IoT devices - in this case, routers made by New York manufacturer Ubiquiti.
GoldPickaxe Malware Can Record User’s Face - Use Video to Commit Deepfake ScamsA Chinese-speaking cybercrime group with the codename GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face profiles, that attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.
A new Fortinet analysis revealed a plethora of final-stage payloads delivered by a series of malware droppers
A spate of recent cyber-espionage attacks showcases Turla's brand-new modular custom malware, and an expansion of the state-sponsored group's scope of targets.
Security researchers have identified and analyzed new malware they call TinyTurla-NG and TurlaPower-NG used by the Russian hacker group Turla to maintain access to a target's network and to steal sensitive data. [...]
Deepfake-enabled attacks against Android and iOS users are netting criminals serious cash Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first.…
The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December. [...]
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS
Now that's what you call dual-use tech Cyber baddies have turned to ad networks to measure malware deployment and to avoid detection, according to HP Wolf Security.…
A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. [...]