05 Oct 2022

‘Biggest Risk in DeFi’ Seen Coming From Backdoor Software Threat

The automated software programs that power much of the DeFi, or decentralized finance, activity on the Ethereum blockchain appear to be less tamper resistant than advertised. In recent years, most of these “smart contracts” have evolved to include a back door, or a way to change them, sometimes in drastic ways,

06 Apr 2022

No-Joke Borat RAT Propagates Ransomware, DDoS

Security researchers at Cyble Research Labs have discovered a new malware strain that extends the abilities of typical trojans, providing a series of modules for launching various types of malicious activity. Cyble reports that the trojan, boasting advanced functionality, is being used by attackers to spread ransomware and conduct

26 Jan 2022

Pro-democracy org hijacked to become macOS spyware distributor

Researchers have reportedly uncovered a new strain of macOS malware that is being distributed in attacks against visitors to a Hong Kong pro-democracy radio station website. The website was used to facilitate a watering hole-style attack and serve a Safari browser exploit to visitors. Therefore, the malware was deployed

16 Dec 2021

Suspected Iranian hackers target airline with new backdoor

On Wednesday, cybersecurity researchers at IBM’s Security X-Force confirmed that an Asian airline was the target of a cyberattack conducted by a suspected state-sponsored Iranian threat group. The attack likely began in October 2019 and lasted until 2021. The attack leveraged a never-before-seen backdoor, according to researchers. Researchers suspect the

06 Aug 2021

Iran-Linked Hackers Expand Arsenal With New Android Backdoor

Charming Kitten, an Iran-backed advanced persistent threat group, has allegedly added a new Android backdoor to its repository. The group has also successfully compromised individuals associated with the Iran reformist movement as of late, according to security researchers at IBM. The group has been active since 2011 and frequently targets

04 Jan 2021

Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways

Security researchers have discovered a hardcoded admin-level backdoor account on more than 100,000 Zyxel firewalls, VPN gateways, and access point controllers. These backdoor accounts can grant attackers root access via the web administration panel or the SSH interface, making the situation a critical threat to consumers. The backdoor account was

15 Jul 2020

More Malware Found Hidden in Chinese Tax Software

Researchers at Trustwave have uncovered more malware as part of a malware campaign hiding backdoors in mandatory Chinese tax software, highlighting the fact that the campaign may be more extensive than previously thought. Last month, Trustwave warned that it had found the GoldenSpy backdoor installed on several clients’ systems after

08 Jul 2020

Fxmsp hacker indicted by feds for selling backdoor access to hundreds of companies

US prosecutors have indicted a prolific hacker allegedly behind a criminal enterprise that was selling backdoor access to hundreds of global organizations. The criminal operated under the name “fxmsp” and is a 37-year-old Kazakhstan citizen named Andrey Turchin. On Tuesday, the indictment was unsealed in the Western District of Washington.

26 May 2020

Russian cyberspies use Gmail to control updated ComRAT malware

A new version of the ComRAT backdoor has been found by security researchers at ESET. The backdoor is controlled through the Gmail web interface and was discovered when the state-sponsored Russian hacker group Turla began using it to harvest data and steal information in attacks targeting governmental institutions. Other common

21 May 2020

New PipeMon malware uses Windows print processors for persistence

The Winnti hacking group has targeted video game companies again in a new campaign that utilizes recent malware called PipeMon, a modular backdoor that was identified earlier this year. PipeMon was discovered on servers belonging to developers of video games that feature multiplayer options (massively multiplayer online games). The
