Android Malware Mimics VPN, Netflix and Over 60k of Other Apps

Malicious apps on Android use the guise of utilities and popular programs

Android is an open operating system. This is both an advantage and a disadvantage. Cybersecurity technology experts recently discovered a widespread Android malware campaign. And given the scale of this campaign, it looks likely that it has been fully automated. A few words about Android malware As we know, the Android operating system is based on…

Conti Ransomware Heritage in 2023 – What is Left?

One wrong action can ruin a name forever, no matter how powerful it may be

Ransomware groups come and go, but the people behind them continue to use their hacking and extortion skills in new operations. For example, former members of the now-defunct Russian-language ransomware group Conti continue to conduct their dirty business under many other “sub-brands”. Conti Ransomware in a nutshell Conti ransomware, led by Russia-based threat actors, appeared…

New MDBotnet Malware Rapidly Expands a DDoS Network

A botnet built on a new malware strain, called MDBotnet, is already used in HTTP GET/SYN flood attacks

MDBotnet is a new malware strain that appears to be the backbone of a botnet used in DDoS-as-a-Service attacks. Being a backdoor biased towards networking commands, it appears to be another sample of Russian malware. Analysts already report that IPs related to this botnet are being used in DDoS attacks. Let’s see why it is…

PyPI Malware Storm Forces to Suspend New Uploads

Numerous malicious uploads threaten all users who use the platform

Python Package Index, a software repository for Python developers, recently faced a massive attack. An enormous flow of malicious uploads forced the administration of the project to suspend both new uploads and new user registration. This crisis peaked on May 20, 2023, when the project administrators released a note regarding the current state of things. What…

3 Unpopular Malware Spreading Ways in 2023

It is very important to take into account how malware spreading methods evolve

The modern Internet space is like an endless ocean, where every wave can hide a danger. If you think you know all the possible types of scams, viruses, and attacks, then get ready for some surprises. Fraudsters are constantly inventing new and unexpected methods for propagating their malware. I found the 3 most unusual, yet pretty…

Visual Studio Code Malicious Plugins Steal Personal Data

Detected items scored almost 50k downloads in total

Some plugins for Visual Studio Code, a popular code editing tool developed by Microsoft, appear to contain malicious code. In particular, one with over 45,000 downloads is capable of stealing personal data. Community alarm forced the quick removal of these pests, but it may be the first sprout of something bigger. What is VS Code…

RedLine Stealer Issues 100,000 Samples – What is Happening?

There could be quite a lot of applications for 100,000 samples of malware

Throughout early May 2023, the GridinSoft analyst team observed anomalous activity from RedLine stealer. It is, in fact, different from the activity we were used to seeing. Over 100,000 samples of this malware appeared in the first 12 days of the month – that is too much even for more massive threats. Needless to…

Rorschach Ransomware Analysis

Rorschach ransomware is an amalgamation of the best elements of other ransomware

Recent research from the Check Point Research team revealed a new ransomware sample that can potentially beat all samples currently present on the market. They named it Rorschach, and already say that its unique properties can make it the dominant ransomware pretty quickly. We covered this malware in a recent news post, and now it’s time…

BlackGuard Receives Update, Targets More Cryptowallets

BlackGuard is now able to attack up to 57 crypto wallets and extensions

BlackGuard, a prolific infostealer malware, received an update at the edge of 2023. The new update introduced advanced data-stealing capabilities and secure connectivity features. The new version also includes a number of new anti-detection and anti-analysis capabilities. Let’s take a more detailed look at this malware and see what has changed in every aspect. BlackGuard Stealer…

ImBetter: New Information Stealer Spotted Targeting Cryptocurrency Users

Phishing sites trick users into downloading ImBetter Stealer.

Today, phishing sites are commonplace. But unfortunately, this seemingly old, deceptive tactic, which everyone seemed to have figured out long ago, still brings enormous profits to scammers today. The problem is that while Internet users are becoming more cautious, cyber scammers are developing more sophisticated ways to trick them. One such method is ImBetter malware.…