Security News

Attackers are targeting financial departments with SmokeLoader malware
2024-03-22 06:30

Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration organizations. The Ukrainian SSSCIP State Cyber Protection Center, together with the Palo Alto Networks Unit 42 research team, have been tracking a massive phishing campaign linked to the distribution of the SmokeLoader malware.

8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
2023-11-18 11:27

The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has...

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
2023-05-08 06:10

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine. In a related advisory, Ukraine's cybersecurity authority also revealed details of destructive attacks orchestrated by a group known as UAC-0165 against public sector organizations.

New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader
2022-11-08 13:40

Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. Observed in the wild since circa 2013, SmokeLoader functions as a generic loader capable of distributing additional payloads onto compromised systems, such as information-stealing malware and other implants.

SmokeLoader Infecting Targeted Systems with Amadey Info-Stealing Malware
2022-07-27 06:36

An information-stealing malware called Amadey is being distributed by means of another backdoor called SmokeLoader. The attacks hinge on tricking users into downloading SmokeLoader that masquerades as software cracks, paving the way for the deployment of Amadey, researchers from the AhnLab Security Emergency Response Center said in a report published last week.

Amadey malware pushed via software cracks in SmokeLoader campaign
2022-07-24 16:11

A new version of the Amadey Bot malware is distributed through the SmokeLoader malware, using software cracks and keygen sites as lures. Amadey Bot is a malware strain discovered four years ago, capable of performing system reconnaissance, stealing information, and loading additional payloads.

SmokeLoader malware downloader enters list of most wanted malware
2019-01-15 06:00

Check Point has published its latest Global Threat Index for December 2018. The index reveals that SmokeLoader, a second-stage downloader known to researchers since 2011, rose 11 places in...

New Smoke Loader Attack Targets Multiple Credentials
2018-07-05 14:43

A recently detected Smoke Loader infection campaign is attempting to steal credentials from a broad range of applications, including web browsers, email clients, and more. read more

Smoke Loader Backdoor Gets Anti-Analysis Improvements (Security Week)
2017-08-08 11:51

The infamous Smoke Loader backdoor now has more complex anti-analysis techniques that allow it to remain a potent malware delivery mechanism, PhishLabs security researchers warn. read more