The developers of the DirtyMoe botnet (which was assessed as insignificant) added to it a worm-like spreading module, after which the malware infected more than 100,000 Windows systems. The DirtyMoe botnet which allegedly runs from China, has grown exponentially over the past year. If in 2020 it consisted of 10 thousand infected systems, then in… Continue reading Previously assessed as insignificant, DirtyMoe botnet infected over 100,000 Windows systems
Tag: Malware
TeamTNT mining botnet infected over 50,000 systems in three months
Trend Micro warns that since March 2021, the TeamTNT mining botnet from the same-named group has successfully compromised more than 50,000 systems. The TeamTNT group has been active since at least April 2020 and started with attacks on incorrectly configured Docker installations, infecting them with miners and bots for DDoS attacks. Then it became known… Continue reading TeamTNT mining botnet infected over 50,000 systems in three months
Hackers infected the Android emulator NoxPlayer with malware
UPDATE: BigNox contacted us and said that they “contacted cybersecurity firm ESET to determine the root cause of the issue,” and at this point “fixed all issues” ESET has released an update to the article stating that hackers have infected the android NoxPlayer emulator with malware, and we are also adding following information: “BigNox stated… Continue reading Hackers infected the Android emulator NoxPlayer with malware
What is the worst computer virus? Figuring out
Worst computer virus – what is it? Seems that anyone who has ever been infected asks this question. And each user will think that his case was more severe than someone’s else. Is that true? And which virus is really the worst? It is important to mention that computer viruses are not only “viruses”. Nowadays,… Continue reading What is the worst computer virus? Figuring out
Microsoft: Supernova and CosmicGale malware detected on systems running SolarWinds
Continue studies oт large-scale attack on the supply chain, for which attackers compromised SolarWinds and its Orion platform. It seems that experts have now discovered another hack group that used SolarWinds software to host Supernova and CosmicGale malware on corporate and government networks. Let me remind you that the malware used in the original attack… Continue reading Microsoft: Supernova and CosmicGale malware detected on systems running SolarWinds
Malicious packages found in RubyGems repository again
Sonatype experts have discovered the pretty_color and ruby-bitcoin malicious packages in the official RubyGems repository. The malware has already been removed from the platform. The malware hidden in the mentioned packages targeted Windows machines and replaced the addresses of any cryptocurrency wallets in the clipboard with the attackers’ wallet address. In essence, the malware helped… Continue reading Malicious packages found in RubyGems repository again
New T-RAT malware can be controlled via Telegram
G DATA’s specialists have published a report on the new T-RAT malware, which is being distributed for only $45. The main feature of the malware is that T-RAT allows controlling infected systems through the Telegram channel, and not through the web administration panel, as it is usually done. Malware creators claim that this provides faster… Continue reading New T-RAT malware can be controlled via Telegram
Alien malware steals passwords from 226 Android apps
ThreatFabric analysts have discovered a new Android malware Alien. The malware primarily targets banking applications. Overall, Alien steals passwords and other credentials from 226 apps. Alien is sold on hacker forums under the MaaS scheme (Malware-as-a-Service). At the same time, the malware was not developed from scratch, it is based on the source codes of… Continue reading Alien malware steals passwords from 226 Android apps
KryptoCibule malware steals cryptocurrency from Windows users
ESET specialists discovered the KryptoCibule malware, which has been active since 2018 and steals cryptocurrency from Windows users in the Czech Republic and Slovakia (these countries accounted for 85% of infections). KryptoCibule has three main functions and is capable of: installing cryptocurrency miners on victims’ systems (CPU and GPU miners are used to mine Monero… Continue reading KryptoCibule malware steals cryptocurrency from Windows users
Shlayer malware bypassed Apple security checks
Security expert Peter Dantini discovered that the Shlayer malware bypassed Apple’s checks: it successfully passed the software notarization process and could run on any Mac running macOS Catalina and newer. In February of this year, Apple introduced a new security mechanism: any Mac software distributed outside the App Store must go through a notarization process… Continue reading Shlayer malware bypassed Apple security checks