Security News

Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware. In a new report by HP Wolf Security, researchers illustrate how PDFs are being used as a transport for documents with malicious macros that download and install information-stealing malware on victims' machines.

Six-year-old keylogger malware called Agent Tesla has been updated again, this time with expanded targeting and improved data exfiltration features. "Threat actors who transition to this version of Agent Tesla gain the capability to target a wider range of stored credentials, including those for web browser, email, VPN and other services," said Aaron Riley, cyber threat intelligence analyst with Cofense in a Tuesday analysis.

A rare new ransomware strain targeting macOS users has been discovered, called EvilQuest. While Devadoss found the ransomware purporting to be a Google Software Update package, Wardle inspected a ransomware sample that was being distributed via a pirated version of "Mixed In Key 8," which is software that helps DJs mix their songs.

While the HawkEye keylogger has been in continuous development since 2013, it did see an ownership change in December 2018 and has been particularly resurgent since then. "The current developer of the HawkEye Reborn keylogger/stealer is continuously adding support for different applications and software platforms to facilitate the theft of sensitive information and account credentials," researchers told Threatpost last year.

Researchers have discovered a recent spate of phishing emails spreading a new variant of Metamorfo, a financial malware known for targeting Brazilian companies. Once executed, the malware kills the auto-suggest data entry fields in browsers, forcing victims to write out their passwords - which it then tracks via a keylogger.

Phoenix Keylogger Attempts to Disable More Than 80 Security Products, Exfiltrates Data Direct from Memory

The Phoenix Keylogger, operating at the cusp of keylogger and infostealer, was launched in...

A New Jersey man has pleaded guilty in federal court to hacking two companies and installing keyloggers in an effort to steal data. The man, Ankur Agarwal, 45, pleaded guilty to two counts of...

HawkEye keylogger campaigns observed in April and May 2019 focused on targeting business users, IBM X-Force security researchers say.

After the HawkEye malware kit underwent an ownership change and new development, researchers are spotting the keylogger used in several malicious email campaigns.