Category: malware

Auto Added by WPeMatico

Google Sues the Badbox Botnet Operators

Posted on By infossl
backdoors, botnets, courts, google, malware, Security technology, Uncategorized

It will be interesting to watch what will come of this private lawsuit: Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software. These devices lack Google’s security protections, and the perpetrators pre-installed the Badbox 2.0 malware … Read More “Google Sues the Badbox Botnet Operators” »

New Mobile Phone Forensics Tool

Posted on By infossl
china, forensics, hacking, malware, privacy, Security technology, smartphones, Uncategorized

The Chinese have a new tool called Massistant. Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico. The forensics tool works in tandem with a corresponding desktop software. Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and … Read More “New Mobile Phone Forensics Tool” »

Ubuntu Disables Spectre/Meltdown Protections

Posted on By infossl
cyberattack, malware, operating systems, Security technology, Uncategorized

A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant performance drops. Now, people are rethinking the trade-off. Ubuntu has disabled some protections, … Read More “Ubuntu Disables Spectre/Meltdown Protections” »

Thousands of WordPress Websites Infected with Malware

Posted on By infossl
backdoors, malware, Security technology, Uncategorized, web

The malware includes four separate backdoors: Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users. The four … Read More “Thousands of WordPress Websites Infected with Malware” »

Python Developers Targeted with Malware During Fake Job Interviews

Posted on By infossl
cybersecurity, malware, North Korea, Security technology, social engineering, threat models, Uncategorized

Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, … Read More “Python Developers Targeted with Malware During Fake Job Interviews” »

The Justice Department Took Down the 911 S5 Botnet

Posted on By infossl
botnets, courts, COVID-19, crime, cybercrime, malware, Security technology, Uncategorized

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million … Read More “The Justice Department Took Down the 911 S5 Botnet” »

Using Legitimate GitHub URLs for Malware

Posted on By infossl
malware, open source, Security technology, social engineering, Uncategorized

Interesting social-engineering attack vector: McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg. The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and … Read More “Using Legitimate GitHub URLs for Malware” »