26 Jan 2021

Google reveals North Korean-backed campaign targeting security researchers

A new ongoing campaign targeting security researchers has been uncovered by Google’s Threat Analysis Group. The attackers are going to great lengths to gain the victims’ trust, posing as researchers or students themselves. The campaign consists of sophisticated social engineering techniques to persuade the security researcher to open a Microsoft

21 Jan 2021

‘LuckyBoy’ Malvertising Campaign Hits iOS, Android, XBox Users

A new campaign is targeting users of mobile and other connected devices, using cloaking and obfuscation techniques to evade detection. The malvertising campaign has been named LuckyBoy and consists of a multi-stage, tag-based approach and attack method. Android, Xbox, and iOS users are being targeted in the attacks. According to

16 Dec 2020

Hack May Have Exposed Deep US Secrets; Damage Yet Unknown

Authorities say that some of America’s deepest secrets may have been stolen in a months-long espionage campaign that just came to light. The operation has been blamed on Russian government hackers and occurred when threat actors were able to slip malicious code into a software update issued by popular provider

26 Oct 2020

Treasury Sanctions Iranian Entities for Attempted Election Interference

On October 22, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) determined to impose sanctions on five distinct Iranian entities known to have attempted election interference against the US and its voters. These attempts include spreading disinformation and executing malign influence campaigns aimed to mislead

19 Jun 2020

Facebook Pulls Trump Campaign Ad Featuring Nazi Symbol

Facebook has made the decision to remove advertising for Donald Trump’s re-election campaign because it featured a symbol that is heavily associated with Nazi Germany. The advertisements, which stated that left-wing activists he calls Antifa should be branded a terrorist organization, had an inverted red triangle. The inverted red triangle

21 May 2020

New PipeMon malware uses Windows print processors for persistence

The Winnti hacking group has targeted video game companies again in a new campaign that uses recent malware called PipeMon, a modular backdoor that was identified earlier this year. PipeMon was discovered on servers belonging to developers of massively multiplayer online (MMO) games. The

18 May 2020

RATicate Group Hits Industrial Firms With Revolving Payloads

According to researchers, a new threat group called RATicate is targeting industrial companies with revolving payloads and is behind several malspam attacks against companies, delivering payloads such as LokiBot, Agent Tesla, Netwire, FormBook, and BetaBot. Researchers have attributed at least six separate campaigns to the group, with the first starting in November

01 May 2020

Microsoft Sway Abused in Office 365 Phishing Attack

According to an analysis released by Group-IB on Thursday, a threat actor group called PerSwaysion has attacked Microsoft services, compromising at least 150 executives in a targeted phishing campaign. The attacks were effective in gathering the Office 365 credentials of the executives since mid-2019. The campaign’s success was attributed to

08 Apr 2020

NASA under ‘significantly increasing’ hacking, phishing attacks

NASA reported that they have been observing increasing malicious activity originating from both cybercriminals and nation-state hackers targeting their personnel and systems while their employees telecommute during the COVID-19 pandemic. The agency stated that they had successfully blocked a wave of malicious cyberattacks with pre-existing mitigation tools and measures. However,

10 Mar 2020

Intricate Phishing Scam Uses Support Chatbot to ‘Assist’ Victims

A recent phishing scam is targeting consumers by utilizing a malicious customer service chatbot function that steals victims’ information by prompting them to fill out various forms including credit card numbers and bank account information. The campaign was discovered by MalwareHunterTeam and is targeting Russian citizens. The threat actors are
