Phishing
-
A new phishing campaign has been uncovered targeting Russian-speaking users, leveraging the Gophish framework to deliver two remote access trojans (RATs)—DarkCrystal RAT (DCRat) and a newly identified malware, PowerRAT. The campaign exploits phishing emails, malicious documents, and HTML pages to initiate infection chains, resulting in system compromise and data exfiltration.
-
The Bumblebee malware loader, believed to be a creation of TrickBot developers, has resurfaced after going silent following a law enforcement disruption in May 2024. New attacks tied to Bumblebee have been observed, signaling a possible resurgence of the malware. It continues to target victims through phishing and malvertising, delivering dangerous payloads like ransomware and information-stealing malware.
-
A recently discovered phishing campaign is exploiting a stored cross-site scripting (XSS) vulnerability in the open-source Roundcube webmail software to steal login credentials. Threat actors are leveraging a now-patched flaw (CVE-2024-37383) via malicious emails, targeting government organizations in Commonwealth of Independent States (CIS) countries. The vulnerability, patched in May 2024, allowed attackers to execute JavaScript within victims' browsers, tricking them into revealing sensitive login information.
-
A new ClickFix campaign is targeting users with fake Google Meet conference errors, luring them to download infostealing malware on both Windows and macOS systems. The campaign impersonates technical issues and prompts victims to run malicious PowerShell code, infecting devices with malware like Stealc, Rhadamanthys, and AMOS Stealer.
-
New variants of the TrickMo banking trojan can now capture Android unlock patterns and PINs, allowing attackers to access locked devices. By using a deceptive user interface that mimics the actual unlock screen, TrickMo tricks victims into revealing sensitive information. This malware can also steal one-time passwords (OTPs) and execute unauthorized transactions across various applications, reflecting a 29% increase in mobile attacks, particularly targeting users in India.
-
A new phishing campaign targeting the insurance and finance sectors uses GitHub, Telegram bots, and ASCII QR codes to deliver malware and evade security measures. The attack leverages GitHub links and trusted repositories to distribute Remcos RAT, with the payload delivered via phishing emails. Additional techniques such as blob URLs and QR code-based phishing add complexity to detection, while Telegram bots facilitate scams on platforms like Booking.com and Airbnb.
-
Posted: September 30, 2024 | Comments: 3 | Views: 193
Cyber fraudsters have devised a new tactic by misusing the 1930 toll-free helpline number, intended for reporting cybercrimes, to deceive unsuspecting individuals. In a recent case reported in Hyderabad, a complainant was duped of ₹29.55 lakh after being coerced into joining a fraudulent video call by criminals posing as law enforcement officials.
-
In September, there was an unprecedented surge in ransomware activity, which came after a period of reduced activity in August,
-
Posted: October 21, 2023 | Views: 32
ExelaStealer, a brand-new information stealer, has joined an already crowded field of commercial malware meant to steal sensitive information from
-
Posted: September 01, 2023 | Views: 735
The recent news of hackers using OTP APIs for SMS bombing and 44 Indian APIs being exposed is a matter