Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 107

Nov 17, 2021

Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware

Posted by in categories: cybercrime/malcode, law enforcement

The notorious Emotet malware is staging a comeback of sorts nearly 10 months after a coordinated law enforcement operation dismantled its command-and-control infrastructure in late January 2021.

According to a new report from security researcher Luca Ebach, the infamous TrickBot malware is being used as an entry point to distribute what appears to be a new version of Emotet on systems previously infected by the former. The latest variant takes the form of a DLL file, with the first occurrence of the deployment being detected on November 14.

Nov 14, 2021

Scientists Create Artificial Mitochondria That Can Make Energy for Damaged Cells

Posted by in categories: biotech/medical, chemistry, cybercrime/malcode

And it can be hacked.

The authors of a new study in Nature Catalysis reprogrammed these blobs—called exosomes—into an army of living nanobioreactors. It’s a seemingly simple process of mix and match: each blob is filled with a different chemical that’s involved in a biological reaction. By bringing two together, the blobs merge into a single squishy container, allowing the two chemicals to react.

The results were explosive. The tiny bioreactors pumped out energy molecules, called ATP, inside living cells. The burst of energy saved injured cells, providing them with a boost of power to fight back against dangerous molecules that otherwise lead to cell death.

Nov 13, 2021

China’s next generation of hackers won’t be criminals. That’s a problem

Posted by in categories: biotech/medical, cybercrime/malcode, education, government

The TechCrunch Global Affairs Project examines the increasingly intertwined relationship between the tech sector and global politics.

Criminals have a long history of conducting cyber espionage on China’s behalf. Protected from prosecution by their affiliation with China’s Ministry of State Security (MSS), criminals turned government hackers conduct many of China’s espionage operations. Alarming as it may sound, this is not a new phenomenon. An indictment issued by the U.S. Department of Justice last year, for example, indicated that the simultaneous criminal-espionage activity of two Chinese hackers went back as far as 2009. In another case, FireEye, a cybersecurity company, alleges that APT41, a separate cohort of MSS hackers, began as a criminal outfit in 2012 and transitioned to concurrently conducting state espionage from 2014 onward. But there’s reason to believe that since then, China has been laying the groundwork for change.

Read more from the TechCrunch Global Affairs Project

Continue reading “China’s next generation of hackers won’t be criminals. That’s a problem” »

Nov 13, 2021

TrickBot Operators Partner with Shathak Attackers for Conti Ransomware

Posted by in category: cybercrime/malcode

A team of TrickBot operators joins forces with Shatak attackers to launch Conti Ransomware.

Nov 13, 2021

Researchers uncover a new cyber mercenary hacker-for-hire group that has been conducting cyber espionage and data theft since 2015

Posted by in category: cybercrime/malcode

Researchers are warning of a new evolving botnet that has been spotted in the wild and has worm-like spreading capabilities to infect Linux systems.

Nov 13, 2021

Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant

Posted by in category: cybercrime/malcode

Researchers uncover a new cyber mercenary hacker-for-hire group that has been conducting cyber espionage and data theft since 2015.


Researchers have uncovered details of a watering hole attack carried out via websites in Hong Kong, and exploited a zero-day vulnerability in macOS.

Nov 12, 2021

Israeli innovation is leading cybersecurity to unreached possibilities

Posted by in categories: biotech/medical, cybercrime/malcode

Meet Artemis Security, the company breaking ground in the realm of security for Israelis, from homes to hospitals.

Nov 11, 2021

PhoneSpy: The App-Based Cyberattack Snooping South Korean Citizens

Posted by in categories: cybercrime/malcode, mobile phones

Many of the malware campaigns we have detected over the last year have been global at scale, targeting anyone with little regard to their location. Recently, we discovered and began monitoring the activity behind PhoneSpy, a spyware aimed at South Korean residents with Android devices. With more than a thousand South Korean victims, the malicious group behind this invasive campaign has had access to all the data, communications, and services on their devices.

Unlike other spyware campaigns we have covered that take advantage of vulnerabilities on the device, PhoneSpy hides in plain sight, disguising itself as a regular application with purposes ranging from learning Yoga to watching TV and videos, or browsing photos. But in reality, the application is stealing data, messages, images, and remote control of Android phones. The data stolen from victim devices ranged from personal photos to corporate communications. The victims were broadcasting their private information to the malicious actors with zero indication that something was amiss.

While the victims have been limited to South Korea, PhoneSpy is an example of how malicious applications can disguise their true intent. When installed on victims’ devices, they leave personal and corporate data at risk. With mobile devices playing critical roles in distributed and remote work, it is no surprise that spyware campaigns like PhoneSpy are on the rise.

Nov 8, 2021

US government offers $10 million bounty for information on Colonial Pipeline hackers

Posted by in categories: cybercrime/malcode, energy, government

Fighting ransomware with bounties.


In May, a ransomware attack shut down a pipeline carrying 45 percent of the fuel used on the US East Coast. The Colonial Pipeline incident led to panic buying and heightened fears about the threat posed by simple hacks to national infrastructure. Now, the US State Department is offering a bounty of up to $10 million to anyone who can supply the “identity or location” of the leaders of the group responsible — an outfit known as DarkSide.

In addition to the $10 million bounty, the state department is offering a reward of up to $5 million for information leading to the arrest or conviction “of any individual conspiring to participate in or attempting to participate in a DarkSide variant ransomware incident.” What exactly that means isn’t clear. Is a “DarkSide variant ransomware incident” one that involves the group’s hacking tools? What if the software has been altered slightly? It seems deliberately ambiguous, allowing the State Department to cast as wide a net as possible.

Continue reading “US government offers $10 million bounty for information on Colonial Pipeline hackers” »

Nov 6, 2021

Microsoft Fends Off 2.4Tbps DDoS Attack, Second Largest on Record

Posted by in categories: cybercrime/malcode, internet

A DDoS attack essentially tries to down a website or internet service by bombarding the system with a flood of data traffic. To do so, the hacker can sometimes harness botnets, or armies of malware-infected computers, to generate the traffic.

In this case, the attack originated from “70,000 sources” based in countries across Asia and the US, Microsoft says. Whether the hacker used a botnet was left unsaid. But the UDP protocol was exploited in what’s known as a “reflection attack” to amplify the data traffic to 2.4Tbps.