A French security researcher has stumbled upon an adware delivery scheme that involves clone websites that use legitimately-looking domain names to trick victims into downloading famous apps, but which are actually laced with adware.
A new version of the Kronos banking trojan is making the rounds, according to Proofpoint security researchers, who say they've identified at last three campaigns spreading a revamped version of this old trojan that had its heyday back in 2014.
The source code of a top-of-the-line Android banking trojan has been leaked online and has since rapidly spread in the malware community, worrying researchers that a new wave of malware campaigns may be in the works.
Security researchers have discovered a precursor of the notorious Proton macOS malware. This supposed precursor appears to have been developed back in 2016, a year before Proton, and uploaded on VirusTotal, where it remained undetected for nearly two years until May 2018, when Kaspersky researchers stumbled upon it.
Hackers have breached the website of VSDC, a popular company that provides free audio and video conversion and editing software.
Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages. The malicious code has been removed thanks to the quick intervention of the AUR team.
A lesser-known cyber-espionage group known as BlackTech has been caught earlier this month using a stolen D-Link certificate to sign malware deployed in a recent campaign.
Two separate sources have confirmed that the USB-powered fans handed out at the North Korea-United States political summit that took place on June 12 were most likely clean and not infected with malware.
In a report published earlier this week, the Israeli military has accused Hamas cyber-operatives of attempting to lure Israel Defence Forces (IDF) soldiers into installing malware-infected apps on their phones.
Malware authors are frantically trying to weaponize a new infection vector that was revealed at the start of June. The trick relies on using Windows Settings (.SettingContent-ms) shortcut files in order to achieve code execution on Windows 10 PCs.
Security researchers have spotted a new Mac malware family that's currently being advertised on cryptocurrency-focused Slack and Discord channels.
While we have covered cryptocurrency clipboard hijackers in the past, most of the previous samples monitored for 400-600 thousand cryptocurrency addresses. This week BleepingComputer noticed a sample of this type of malware that monitors for a over 2.3 million cryptocurrency addresses!
Security firm FireEye has detected that malware authors have deployed the PROPagate code injection technique for the first time inside a live malware distribution campaign.
Starting yesterday, there have been numerous reports of people being infected with something called "All-Radio 4.27 Portable". After researching this heavily today, it has been determined that seeing this program is a symptom of a much bigger problem on your computer.
An infosec researcher who uses the online pseudonym of Capt. Meelo has modified an NSA hacking tool known as DoublePulsar to work on the Windows IoT operating system (formerly known as Windows Embedded).
New versions of the SamSam ransomware will not execute unless the person running the malware's payload enters a special password via the command-line.
Security researchers have spotted a new commercial malware product that's been put up for sale on hacking forums for the lowly price of only $50, paid in Bitcoin. Named Kardon Loader, this is a new malware strain, currently still under development, in a "beta" stage according to its author.