Malware Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform https://gbhackers.com/category/malware/ GBhackers Offering Exclusive Cyber Security News Coverage, New Research papers & Technology Updates. Mon, 11 Nov 2024 11:02:46 +0000 en-US

New Android Malware SpyAgent Taking Screenshots Of User’s Devices https://gbhackers.com/android-malware-spyagent-screenshots/ https://gbhackers.com/android-malware-spyagent-screenshots/#respond Mon, 11 Nov 2024 11:02:45 +0000 https://gbhackers.com/?p=114708 SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases from screenshots stored on infected devices. By stealthily capturing screenshots, the malware bypasses traditional security measures that rely on text-based detection, which allows it to efficiently identify and exfiltrate sensitive information, posing a significant threat to cryptocurrency users. Cybercriminals are employing […]

The post New Android Malware SpyAgent Taking Screenshots Of User’s Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

HookBot Malware Use Overlay Attacks Impersonate As Popular Brands To Steal Data https://gbhackers.com/hookbot-malware-overlay-steals-data/ https://gbhackers.com/hookbot-malware-overlay-steals-data/#respond Wed, 06 Nov 2024 12:14:27 +0000 https://gbhackers.com/?p=114534 The HookBot malware family employs overlay attacks to trick users into revealing sensitive information by impersonating various brands and apps to gain trust. It also utilizes C2 servers to receive updates and evolve continuously.  A builder tool empowers threat actors to create custom HookBot apps as the malware is often distributed through Telegram, where it’s […]

ToxicPanda Banking Malware Attacking Banking Users To Steal Logins https://gbhackers.com/toxicpanda-banking-malware-attack/ https://gbhackers.com/toxicpanda-banking-malware-attack/#respond Wed, 06 Nov 2024 12:11:04 +0000 https://gbhackers.com/?p=114510 Recent research has uncovered a new strain of malware developed for Android devices, initially misidentified as TgToxic.  Despite sharing some bot command similarities, this malware, now dubbed ToxicPanda, exhibits significant code divergence from its original source. It lacks key TgToxic capabilities and possesses placeholder commands without functional implementation.  The malware leverages Remote Access capabilities to […]

APT36 Hackers Attacking Windows Devices With ElizaRAT https://gbhackers.com/apt36-elizarat-windows-attacks/ https://gbhackers.com/apt36-elizarat-windows-attacks/#respond Tue, 05 Nov 2024 10:33:08 +0000 https://gbhackers.com/?p=114503 APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware like ElizaRAT, which is designed for espionage. It leverages cloud-based services for covert communication and data exfiltration. Recent campaigns have seen significant enhancements in ElizaRAT’s evasion techniques, making it a potent tool for persistent attacks. The integration of ApoloStealer into the […]

SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins https://gbhackers.com/sys01-infostealer-meta-attack/ https://gbhackers.com/sys01-infostealer-meta-attack/#respond Mon, 04 Nov 2024 12:09:55 +0000 https://gbhackers.com/?p=114423 The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to distribute the SYS01 InfoStealer through ElectronJs applications disguised as legitimate software like video editors, productivity tools, and streaming services.  The campaign leverages nearly a hundred malicious domains for distribution and C2 operations, targeting a global audience, especially males aged 45 […]

Russian Hackers Attacking Ukraine Military With Malware Via Telegram https://gbhackers.com/russian-malware-attack-telegram/ https://gbhackers.com/russian-malware-attack-telegram/#respond Mon, 04 Nov 2024 11:53:34 +0000 https://gbhackers.com/?p=114257 Researchers discovered a Russian-linked threat actor, UNC5812, utilizing a Telegram persona named “Civil Defense.” This persona has been distributing Windows and Android malware disguised as legitimate software designed to aid potential conscripts in Ukraine. Once installed, these malicious apps silently deploy additional malware, including SUNSPINNER, while engaging in influence operations to undermine Ukrainian mobilization […]

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins https://gbhackers.com/lightspy-ios-malware-upgrade/ https://gbhackers.com/lightspy-ios-malware-upgrade/#respond Fri, 01 Nov 2024 09:26:01 +0000 https://gbhackers.com/?p=114376 The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices. The malware’s core binaries were even signed with the same certificate used in jailbreak kits, indicating deep integration. The C2 servers, active until October 26, 2022, hosted outdated malware, possibly for demonstration purposes but not as MaaS. The iOS and […]

New PySilon RAT Abusing Discord Platform to Maintain Persistence https://gbhackers.com/new-pysilon-rat/ https://gbhackers.com/new-pysilon-rat/#respond Wed, 30 Oct 2024 09:02:35 +0000 https://gbhackers.com/?p=114357 Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits the popular social platform Discord to maintain persistence on infected systems. Discord, known for its real-time communication features, has become a hub for various communities beyond its gaming origins. However, its API capabilities have also made it a target for […]

Notorious WrnRAT Delivered Mimic As Gambling Games https://gbhackers.com/wrnrat-gambling-malware/ https://gbhackers.com/wrnrat-gambling-malware/#respond Tue, 29 Oct 2024 13:15:55 +0000 https://gbhackers.com/?p=114228 WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games like Badugi, Go-Stop, and Hold’em to disguise itself as a malicious program.  The attackers created a fraudulent gambling website that, when accessed, prompts users to download a game launcher. Instead of initiating the game, the launcher installs the malicious WrnRAT […]

RedLine and META Infostealers Infrastructure Seized by Authorities https://gbhackers.com/redline-and-meta-infostealers-seized/ https://gbhackers.com/redline-and-meta-infostealers-seized/#respond Tue, 29 Oct 2024 11:34:58 +0000 https://gbhackers.com/?p=114307 An international coalition led by the U.S. Department of Justice has dismantled the infrastructure behind the notorious RedLine and META infostealers. These malware variants have plagued millions of computers worldwide, stealing sensitive information and facilitating further cybercriminal activities. Operation Magnus was a joint effort involving the US Department of Justice, FBI, Naval Criminal Investigative Service, […]
