The abundance and variety of low cost Android phones is one of the reasons that Android has become so popular around the world. Unfortunately, low priced phones could also mean less operating revenue and thus possibly a lower quality control. Such is the case with a cheap Android phone and has a remote access trojan preinstalled.
A new malspam campaign is underway that pretends to be shipping documents and contains an attachment that installs the DarkComet remote access Trojan. When DarkComet is installed, the malware has the ability to log your keystrokes, application usage, take screenshots, and more, which is then sent back to the malware developer.
Security researchers have uncovered a new supply chain attack that targets organizations in South Korea. The threat actor chooses the victims selectively, based on an IP range for groups of interest.
Security researchers have discovered a precursor of the notorious Proton macOS malware. This supposed precursor appears to have been developed back in 2016, a year before Proton, and uploaded on VirusTotal, where it remained undetected for nearly two years until May 2018, when Kaspersky researchers stumbled upon it.
The author of a malware strain known as the LuminosityLink RAT (Remote Access Trojan) has pleaded guilty yesterday, according to plea agreement received by Bleeping Computer.
Security researchers have discovered ongoing malware campaigns targeting Samsung service centers in Italy, campaigns that appear to be the counterparts of attacks that have previously targeted similar electronics service centers in Russia this year.
Malspam campaigns, such as ones being distributed by Necurs, are utilizing a new attachment type that is doing a good job in bypassing antivirus and mail filters. These IQY attachments are called Excel Web Query files and when opened will attempt to pull data from external sources.