Security News > 2022 > March

Microsoft on Monday disclosed that it detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure hours before Russia launched its first missile strikes last week. The intrusions involved the use of a never-before-seen malware package dubbed FoxBlade, according to the tech giant's Threat Intelligence Center, which noted that it added new signatures to its Defender anti-malware service to detect the exploit within three hours of the discovery.

The TeaBot banking trojan was spotted once again in the Google Play Store, where it posed as a QR code app and spread to more than 10,000 devices. The trojanized apps include the promised functionality, so user reviews on the Play Store are positive.

The Daxin malware is taking aim at hardened government networks around the world, according to researchers, with the goal of cyberespionage. "Daxin malware is a highly sophisticated rootkit backdoor with complex, stealthy command-and-control functionality that enabled remote actors to communicate with secured devices not connected directly to the internet," warned CISA, in a Monday alert.

"As tanks rolled into Ukraine, so did malware," summarized humanitarian author Andreas Harsono, referring to the novel malware that Microsoft has named FoxBlade. "Several hours before the launch of missiles or movement of tanks on February 24, Microsoft's Threat Intelligence Center detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure," Microsoft President and Vice-Chair Brad Smith said.

Chipmaker giant Nvidia has confirmed that its network was breached in a cyberattack last week, giving intruders access to proprietary information and employee login data. In an initial statement last week, Nvidia said it was investigating an incident that reportedly impacted some systems, causing an outage.

Researchers have identified an alarming new trend in DDoS attacks that target packet inspection and content filtering devices to attain enormous 6,533% amplification levels. DDoS attacks are used to take down a server or corporate network by overwhelming network devices such as servers and routers with a large number of bogus requests or very high volumes of garbage data.

For those developing with JavaScript and related technologies, GitHub's NPM Package Registry is an essential resource. It's the home of more than 1.8 million packages - libraries and modules that get added to applications as dependencies to perform useful functions.

A large-scale campaign involving over 200 phishing and scam sites has tricked users into giving their personal data to fake investment schemes impersonating genuine brands. The fraudulent operation relies upon the abuse of Google Ads and SEO to draw victims to hundreds of fake websites targeting the Indian audience.

One of the most interesting ones is a previously unknown malware with a destructive payload that has popped up on hundreds of Ukrainian machines lately. On Feb. 23, a tweet from ESET Research claimed they had discovered a new malware that wipes data, used in Ukraine.

Newly discovered malware was deployed in destructive attacks against Ukrainian organizations and governmental networks before and after Russia invaded the country on February 24. While analyzing these attacks, ESET Research Labs analysts discovered a new data wiper they dubbed IsaacWiper.