Cryptocurrency hack Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

Aman Mishra — Mon, 11 Nov 2024 11:02:45 +0000

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases from screenshots stored on infected devices. By stealthily capturing screenshots, the malware bypasses traditional security measures that rely on text-based detection, which allows it to efficiently identify and exfiltrate sensitive information, posing a significant threat to cryptocurrency users. Cybercriminals are employing […]

The post New Android Malware SpyAgent Taking Screenshots Of User’s Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

North Korean Hackers Employing New Tactic To Acruire Remote Jobs

Gurubaran — Wed, 06 Nov 2024 12:21:19 +0000

North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scripts to evade detection. InvisibleFerret now boasts a dynamic RMM configuration and OS-specific persistence mechanisms, while Contagious Interview has expanded its arsenal with macOS applications, targeting a wider victim pool. These attacks have compromised over […]

The post North Korean Hackers Employing New Tactic To Acruire Remote Jobs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Critical Atlassian Vulnerability Exploited To Connect Servers In Mining Networks

Raga Varshini — Tue, 03 Sep 2024 07:52:22 +0000

Hackers usually shift their attention towards Atlassian due to flaws in its software, especially in products like Confluence, which put organizations’ private data at risk. There are many exploits accessible over the Internet, and the ease of the attack vector is one reason that Atlassian servers are one of the desirable attack points. Cybersecurity researchers […]

The post Critical Atlassian Vulnerability Exploited To Connect Servers In Mining Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Log4j Vulnerability Exploited Again To Deploy Crypto-Mining Malware

Kaaviya — Thu, 22 Aug 2024 09:48:13 +0000

Recent attacks exploit the Log4j vulnerability (Log4Shell) by sending obfuscated LDAP requests to trigger malicious script execution, which establishes persistence, gathers system information, and exfiltrates data. To maintain control, multiple backdoors and encrypted communication channels are established, while the attack’s persistence and ability to evade detection highlight the ongoing threat posed by the Log4j vulnerability. […]

The post Log4j Vulnerability Exploited Again To Deploy Crypto-Mining Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers Abused StackExchange Platform To Deliuver Malicious Python Package

Aman Mishra — Mon, 05 Aug 2024 11:11:54 +0000

Attackers uploaded malicious Python packages targeting Raydium and Solana users to PyPI, leveraging a StackExchange post to distribute the malware. The multi-stage malware stole sensitive data, drained cryptocurrency wallets, and established persistent backdoor access, bypassing Windows security protections, underscoring the vulnerability of software supply chains and the ineffectiveness of traditional endpoint security solutions against modern […]

The post Hackers Abused StackExchange Platform To Deliuver Malicious Python Package appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Beware Of Malicious Crypto Management App That Drains Your Wallet

Aman Mishra — Thu, 01 Aug 2024 09:36:29 +0000

A forwarded Telegram video advertises heavily discounted, high-profile cryptocurrency projects, enticing viewers with links to a seemingly legitimate second-tier exchange and a concealed malicious link. Through the use of this social engineering strategy, which is intended to lull victims into a false sense of security, users are most likely directed to a fraudulent platform to […]

The post Beware Of Malicious Crypto Management App That Drains Your Wallet appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution

Tushar Subhra — Mon, 15 Jul 2024 08:01:55 +0000

ViperSoftX is an advanced malware that has become more complicated since its recognition in 2020, to the extent that eBooks are used on Torrent sites to spread across systems. Unlike other kinds of malware developers who mainly focus on developing new code instead of improving evasion techniques, ViperSoftX’s creators make use of various components from […]

The post ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Hackers Employing New Techniques To Attack Docker API

Gurubaran — Mon, 17 Jun 2024 07:53:10 +0000

Attackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine hosts by using new binaries chkstart (remote access with payload execution), exeremo (lateral movement through SSH), and vurld (Go downloader for malware retrieval) and a persistence mechanism that modifies systemd services with ExecStartPost for malicious commands. It targets Docker API endpoints […]

The post Hackers Employing New Techniques To Attack Docker API appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

8220 Gang Exploiting Oracle WebLogic Server Flaw To Deploy Cryptominer

Tushar Subhra — Mon, 03 Jun 2024 11:50:14 +0000

The Oracle WebLogic Server vulnerabilities enable hackers to access unauthorized systems that are used for business data and applications. This can enable threat actors to bring in external programs and complete system control, consequently assuming admin privileges. The end result is a breach of information, denial of service attacks, or network propagation of malicious software, […]

The post 8220 Gang Exploiting Oracle WebLogic Server Flaw To Deploy Cryptominer appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Kinsing Malware Attacking Apache Tomcat Server With Vulnerabilities

Tushar Subhra — Fri, 24 May 2024 12:28:58 +0000

The scalability and flexibility of cloud platforms recently boosted the emerging trend of cryptomining attacks in the cloud. Unlike on-premises infrastructure, whereby it is difficult to scale up resources, cloud environments enable attackers to deploy resources for cryptomining rapidly, making exploitation easier. One of the most common threats of cloud cryptomining is “Kinsing malware.” Cybersecurity […]

The post Kinsing Malware Attacking Apache Tomcat Server With Vulnerabilities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.