Black Basta Ransomware Teams Up with Malware Stalwart Qbot
The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found.
Coverage of Trojan malware examines reported incidents, technical analysis, infrastructure, disruption efforts, and defensive guidance for reducing cyber risk.
Search across headline titles and summaries.
Background for this topic.
A Trojan is malware that masquerades as legitimate, useful, or necessary software so a user or process runs it. “Trojan” describes a delivery or deception technique rather than one malware family; capabilities vary by sample and may include credential theft, surveillance, file manipulation, or remote access. Unlike self-propagating malware, a Trojan generally depends on being installed or executed through some other means.
Security analysis should identify the specific family and executable behavior rather than treating every Trojan as equivalent. Material concerns include untrusted software and tampered installers, execution under excessive privileges, and unauthorized persistence or access to sensitive data. Defenses include using trusted software sources and code-signature or application-control checks, limiting user privileges, monitoring endpoint process and network activity, and isolating suspected hosts. After detection, preserve relevant evidence, remove persistence, assess credential exposure, and investigate other affected systems before returning the device to normal use.
Weekly headline count for the current query.
The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found.
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found.
The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts.
Malicious Google Play apps have circumvented censorship by hiding trojans in software updates.
Microsoft detected cyberattacks launched against Ukraine hours before Russia’s tanks and missiles began to pummel the country last week.
The infamous trojan is likely making some major operational changes, researchers believe.
The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say.
Researchers discovered a new, modular banking trojan with ties to Cerberus and Alien that has the capability to become a much larger threat than it is now.
Threat actors are infiltrating the increasingly popular collaboration app to attach malicious files to chat threads that drop system-hijacking malware.
The resurgent trojan has targeted 60 top companies to harvest credentials for a wide range of applications, with an eye to virulent follow-on attacks.
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees.
Researchers from Proofpoint have spotted a new Middle East-targeted phishing campaign that delivers a novel malware dubbed NimbleMamba.
Two powerful trojans with spyware and RAT capabilities are being delivered in side-by-side campaigns using a common infrastructure.