Cyberespionage Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform
https://gbhackers.com/tag/cyberespionage/
GBhackers Offering Exclusive Cyber Security News Coverage, New Research papers & Technology Updates.
Fri, 04 Oct 2024 06:45:08 +0000

Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling
https://gbhackers.com/iis-backdoor-dns-tunneling/
Thu, 12 Sep 2024 12:35:33 +0000

The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom toolset, including a novel IIS backdoor and DNS tunneling protocol. The malware used in this campaign shares similarities with previously reported APT34 malware families, such as Karkoff, Saitama, and IIS Group 2. […]

The post Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Chinese Hacker Groups Using Off-The-Shelf Tools To Deploy Ransomware
https://gbhackers.com/chinese-cyberespionage-ransomware-deployment/
Fri, 28 Jun 2024 07:25:34 +0000

Cyberespionage actors are increasingly using ransomware as a final attack stage for financial gain, disruption, or to cover their tracks. The report details previously undisclosed attacks by a suspected Chinese APT group, ChamelGang, which used CatB ransomware against a major Indian healthcare institution and the Brazilian Presidency in 2022. ChamelGang also targeted other government […]

The post Chinese Hacker Groups Using Off-The-Shelf Tools To Deploy Ransomware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Operation Celestial Force Employing Android And Windows Malware To Attack Indian Users
https://gbhackers.com/operation-celestial-force-android-windows/
Mon, 17 Jun 2024 12:15:25 +0000

A Pakistani threat actor group, Cosmic Leopard, has been conducting a multi-year cyber espionage campaign named Operation Celestial Force, targeting Indian entities. Since 2018, they have used GravityRAT malware, initially for Windows and later for Android, which has been deployed through malicious documents and social engineering. In 2019, they expanded their toolkit with HeavyLift, a […]

The post Operation Celestial Force Employing Android And Windows Malware To Attack Indian Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Sticky Werewolf Weaponizing LNK Files Group Attacking To Attack Organizations
https://gbhackers.com/sticky-werewolf-lnk-files-attacks/
Sat, 08 Jun 2024 15:14:19 +0000

Sticky Werewolf, a cyber threat group, has shifted its targeting strategy from sending phishing emails with download links to malicious files to using archive attachments containing LNK files, which act as shortcuts to malicious executables hosted on WebDAV servers. When a user clicks on the LNK, a batch script is triggered, which in turn launches […]

The post Sticky Werewolf Weaponizing LNK Files Group Attacking To Attack Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft’s Exchange Server Hack: Key Rotation Flaw Triggers Breach
https://gbhackers.com/microsofts-exchange-server-hack/
Wed, 03 Apr 2024 12:36:52 +0000

Storm-0558, a cyberespionage group affiliated with the People’s Republic of China, has reportedly compromised Microsoft Exchange mailboxes of 22 organizations and over 500 individuals between May and June 2023. This was done by using authentication tokens of accounts that were signed by a key held by Microsoft in 2016. This key was used for secure […]

The post Microsoft’s Exchange Server Hack: Key Rotation Flaw Triggers Breach appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors
https://gbhackers.com/weaponized-air-force-invitation-pdf-indian-defense-energy/
Fri, 29 Mar 2024 11:46:37 +0000

EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed “Operation FlightNight” targeting Indian government entities and energy companies. The attackers, likely state-sponsored, leveraged a modified version of the open-source information stealer HackBrowserData to steal sensitive data. EclecticIQ identified that the attackers used Slack channels, a popular communication platform, as exfiltration points. These channels were named […]

The post Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Chinese Panda APT Hacking Websites To Infect Windows And MacOS Users
https://gbhackers.com/china-panda-apt-malware-attack/
Fri, 08 Mar 2024 09:53:26 +0000

Evasive Panda, also dubbed BRONZE HIGHLAND and Daggerfly, a Chinese-speaking APT group operating since at least 2012, has been spotted conducting cyberespionage targeting individuals in mainland China, Hong Kong, Macao, and Nigeria. Southeast and East Asian governments, notably those in China, Macao, Myanmar, the Philippines, Taiwan, and Vietnam, were the targets of attacks. The targets included other […]

The post Chinese Panda APT Hacking Websites To Infect Windows And MacOS Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

OilRig: Never-seen C#/.NET Backdoor to Attack Wide Range of Industries
https://gbhackers.com/oilrig-dnspionage-campaign/
Mon, 25 Sep 2023 07:22:11 +0000

OilRig (APT34) is an Iranian cyberespionage group active since 2014, targeting Middle Eastern governments and various industries like:- OilRig launched DNSpionage in 2018-2019 against Lebanon and the UAE, followed by the 2019-2020 HardPass campaign using LinkedIn for energy and government sector targets. Recently, the cybersecurity researchers at ESET have identified and analyzed two OilRig APT […]

The post OilRig: Never-seen C#/.NET Backdoor to Attack Wide Range of Industries appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

BlackTech Hackers Group Using API Hooking Technique in Malware to Evade Detection & Attack Government Networks
https://gbhackers.com/api-hooking-technique/
Fri, 13 Dec 2019 06:09:59 +0000

The cyberespionage group known as BlackTech, which is behind the Waterbear malware campaign that has targeted various industries for several years, has returned to attack government and technology companies. Researchers recently uncovered a brand-new Waterbear payload that uses API hooking techniques to hide its network behavior from a specific security product. API hooking […]

The post BlackTech Hackers Group Using API Hooking Technique in Malware to Evade Detection & Attack Government Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
