Security News
The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. Erbium is a Malware-as-a-Service offering whose information stealer is gaining popularity in the cybercrime community thanks to its extensive functionality, customer support, and competitive pricing.
Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script. A report from threat intelligence company Cluster25 says that APT28, a threat group attributed to the Russian GRU, has used the new technique to deliver the Graphite malware as recently as September 9.
The BlackCat ransomware crew, also known as ALPHV, has been spotted fine-tuning its malware arsenal to fly under the radar and expand its reach. ALPHV is also one of the first ransomware strains to be programmed in Rust, a trend that has since been adopted by other families such as Hive and Luna in recent months to develop and distribute cross-platform malware.
An SMS-based phishing campaign is targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application. The Microsoft 365 Defender Research Team said that the messages contain links that redirect users to a sketchy website that triggers the download of the fake banking rewards app for ICICI Bank.
Malwarebytes has addressed an issue that prevented users from accessing websites and services hosted on the google.com domain, including Google search and YouTube. According to a large number of reports from affected users, their browsers were prevented from accessing Google sites after Malwarebytes flagged and blocked them as malicious.
Google and its YouTube domains are being flagged as malicious by Malwarebytes as of Wednesday morning, blocking users from accessing a whole range of websites. "Malwarebytes is aware of a temporary issue with the web filtering component of our product that may be blocking certain domains, including google.com," a Malwarebytes spokesperson told The Register.
American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links. "Earlier today, we became aware that an unauthorized third party illegally accessed the credentials of one of our vendors to the help desk platform that 2K uses to provide support to our customers," 2K's support account tweeted on Tuesday after BleepingComputer broke the story on the security breach.
Hackers have compromised the support system of American video game publisher 2K and are now sending support tickets to gamers containing the RedLine password-stealing malware. 2K is the publisher behind numerous popular game franchises, including NBA 2K, Borderlands, WWE 2K, PGA Tour 2K, BioShock, Civilization, and XCOM.
A threat cluster linked to the Russian nation-state actor tracked as Sandworm has continued its targeting of Ukraine with commodity malware by masquerading as telecom providers, new findings show. Recorded Future said it discovered new infrastructure belonging to UAC-0113 that mimics operators like Datagroup and EuroTransTelecom to deliver payloads such as Colibri loader and Warzone RAT. The attacks are said to be an expansion of the same campaign that previously distributed DCRat using phishing emails with legal aid-themed lures against providers of telecommunications in Ukraine.