Tag: Threats

JsTimer Extension Virus – Easy Removal Instructions

JsTimer may appear just annoying, until you have a look at things it comes together with

JsTimer is a malicious browser extension detected in various browsers, predominantly targeting users through dubious websites. This extension engages in peculiar behavior by blocking access to the Chrome Web Store, which, although seemingly trivial at first, raises significant concerns when paired with other similarly distributed extensions. Malicious browser extensions are not a novel threat; however,… Continue reading JsTimer Extension Virus – Easy Removal Instructions

Funny Tool Redirect Extension Virus – Easy Removal Instructions

Funny Tool Redirect may appear just annoying, until you have a look at things it comes together with

Funny Tool Redirect is a malicious browser extension that you may see installed in your browser. It spreads through dodgy websites and does a rather unusual mischief: blocking access to the Chrome Web Store. While being not a big deal at a first glance, its unwanted appearance, along with other extensions (like JsTimer) that spread… Continue reading Funny Tool Redirect Extension Virus – Easy Removal Instructions

EDRKillShifter Malware: New EDR Killer Tool in Ransomware Actors’ Toolkit

Researchers analysed a new anti-EDR toolkit used by ransomware actors

Recent research uncovers a new anti-EDR utility in the arsenal of malware actors, nicknamed EDRKillShifter. Its main known user to the moment is the RansomHub ransomware gang. Though, it is likely for other threat actors to adopt this tool, as similar utilities have immense popularity among cybercriminals nowadays. EDRKillShifter Used in Ransomware Attacks Research team… Continue reading EDRKillShifter Malware: New EDR Killer Tool in Ransomware Actors’ Toolkit

Fake Google Authenticator Abuses Google Ads, Spreads Malware

Hackers abuse Google Search Ads to deploy backdoors, pretending to be Google

Cybercriminals promote a fake Google Authenticator page through ads in Google Search. According to the report, they use a tricky scheme to hide the fraudulent domain and make the ad contain a genuine URL. The resulting page, which looks exactly like the original Google Authenticator one, downloads a malicious file. Fake Google Authenticator Downloading Page… Continue reading Fake Google Authenticator Abuses Google Ads, Spreads Malware

2024 Olympic Cyberattack Risks: What Should We Expect

The biggest event of 2024. What can go wrong?

The Olympic Games is a massive sporting event that attracts billions of people worldwide. But where there are thousands of people – fans and supporters; there are also cybercriminals. Such events have always caused a spike in the number of cyberattacks of different kinds. In this post, we will discuss exactly this – risks of… Continue reading 2024 Olympic Cyberattack Risks: What Should We Expect

What is Infostealer Malware? Top 5 Stealers in 2024

Infostealer malware such as RedLine, Vidar, and Lumma all gather credentials from various sources on a computers.

The Cybercrime world changes rapidly – both by expanding, collapsing, and evolving extensively and intensively. One of the most massive malware types in the modern threat landscape – Infostealer Malware – appears to enter a new stage of development. Though its major names remain the same, some new malware families with promising features popped out.… Continue reading What is Infostealer Malware? Top 5 Stealers in 2024

Docker API Vulnerability Exploited in Cryptojacking Campaign

"Commando Cat" Cryptojacking Campaign Targets Vulnerable Docker APIs

A new campaign named “Commando Cat” uses a Docker API vulnerability. It uses Docker to gain initial access to a system and then deploys a series of malicious payloads. This leads to cryptocurrency mining on compromised hosts. Docker API Vulnerability Exploited Investigators have discovered a new malware campaign aimed at Docker API endpoints. The malware… Continue reading Docker API Vulnerability Exploited in Cryptojacking Campaign

Mispadu Banking Trojan Exploits SmartScreen Flaw

One more malware family makes use of CVE-2023-36025

Recent research uncovers a new sample of Mispadu malware that uses a SmartScreen bypass flaw to integrate itself into the system. This banking trojan from 2019 uses the vulnerability discovered in late 2023 to target mainly LATAM users. Mispadu Trojan Uses SmartScreen Bypass The extensive research regarding Mispadu malware done by Unit 42, among other… Continue reading Mispadu Banking Trojan Exploits SmartScreen Flaw

CrackedCantil Dropper Delivers Numerous Malware

CrackedCantil is a versatile dropper malware, capable of unleashing multiple malicious payloads.

CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infecting with one may effectively mean up to five other malware types running in the system. Let’s break down on what it is, how it spreads, and why it is so dangerous. What is CrackedCantil? CrackedCantil is a dropper… Continue reading CrackedCantil Dropper Delivers Numerous Malware

What is a Bootkit? Explanation & Protection Guide

Bootkit one of the most hidden types of malware, despite being one of the most potent and severe ones

Bootkit is a rather unusual and unspoken, though widely used kind of malware. These advanced malware types operate beneath the surface, embedding themselves in a computer’s boot sector, allowing them to activate before the operating system (OS) even starts. But why do they need such a deep integration? And where are they used? Let’s find… Continue reading What is a Bootkit? Explanation & Protection Guide