According to Avast, the database where the CCleaner hackers were collecting data from infected hosts ran out of space and was deleted on September 12, meaning information on previous victims is now lost to investigators and the number of computers infected with the second-stage backdoor payloads may be larger than initially believed.
Security researchers have tracked a malware distribution campaign spreading the FinFisher spyware — also known as FinSpy — to the infrastructure of Internet Service Providers (ISPs) in at least two countries.
The CCleaner hack that took place over the summer and came to light this week might have been carried out by an infamous cyber-espionage group believed to be operating out of China.
Heating, ventilation, and air conditioning (HVAC) systems can be used as a means to bridge air-gapped networks with the outside world, allowing remote attackers to send commands to malware placed inside a target's isolated network.
Proof-of-concept malware created by a team of Israeli researchers uses the infrared capabilities of modern security cameras as a channel for data exfiltration, but also to receive new commands from its operators.
Avast published earlier today a post-mortem of the CCleaner malware incident, in the hope of clarifying some of the details surrounding the event that many of its users found troubling.
This article contains information and answers to frequently asked questions regarding the CCleaner malware incident and how to remove the malware-laced CCleaner version.
Version 5.33 of the CCleaner app offered for download between August 15 and September 12 was modified to include the Floxif malware.
A password-stealing Trojan called AdService is being quietly distributed by adware bundles that typically install other programs such as Russian adware, extensions, clickers, adware, and fake system optimization programs. This Trojan is loaded through DLL hijacking in Chrome.
Malware authors hid malicious code inside a software development kit (SDK) that developers embedded in their Android apps, unwittingly exposing their users to a mobile malware strain that Check Point identifies as ExpensiveWall.
Telemetry data collected by Kaspersky Lab shows that in the first nine months of 2017, malware that mines for various types of cryptocurrencies has infected more than 1.65 million endpoints.
A group of experienced hackers — tracked under the name of CodeFork — have launched a new malware distribution campaign that uses advanced tools and new techniques to go undetected by security solutions.
A remote access trojan (RAT) offered as a free download on underground hacking forums comes with a secret backdoor that grants the original author access to all the victim data.
WikiLeaks published today documentation on the CIA Angelfire project, a malware framework developed to infect Windows computers.
After years of silence, WAP-billing trojans are making a comeback, with four new strains becoming active in the second quarter of 2017, targeting Russia and India primarily.
Google has yet to remove two apps infected with dangerous malware that are currently still available for download via the official Google Play Store.
An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company.
A new malware family detected under the name of CoinMiner is causing users and security firms alike loads of problems, being hard to stop or detect due to the combination of various unique features.
Malware activity has ramped up in the second quarter of 2017, according to reports from cyber-security firms Cyren, Check Point, Kaspersky Lab, Proofpoint, and Symantec.