According to a recent blog post by Scam Sniffer, a cryptocurrency monitoring service specializing in tracking illicit activity across blockchains, wallet drainers have been used to steal 494 million USD from crypto wallets in 2024. Wallet drainers are a family of malware typically deployed on phish
According to a report by cybersecurity firm Cleafy, a new Malware-as-a-Service has begun operating, with much evidence pointing to the malware's developers operating within Turkey. Cleafy has called the malware itself DroidBot, based on the domain used to host the malware's infrastructure. In
According to a recent article published by McAfee, security researchers have noticed a significant spike in the use of predatory loan apps by malicious actors. These Potentially Unwanted Programs (PUPs) are referred to as SpyLoan applications and typically use social engineering tactics to trick us
According to Trend Micro, Chinese state-sponsored threat actor Salt Typhoon, also tracked as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286, has been seen deploying a new backdoor malware. Called "GhostSpider" by Trend Micro researchers, the malware has been used in attacks against Southeas
Cybersecurity researcher g0njxa recently discovered a cyberattack campaign leveraging fake AI video generators to infect machines with info-stealing malware. The attacker installed the Lumma and AMOS stealers on both Windows and macOS machines. Lumma targets Windows machines, while AMOS targets mac
In a recent article by security firm Gen Digital, researchers detailed a new campaign delivering Glove Stealer as its primary malware payload. The new stealer was discovered as the payload has been named Glove by Gen Digital and uses ClickFix social engineering tactics to gain high privileges and i
In a recently published blog article by Check Point's research team, an attack campaign was discovered spreading the Rhadamanthys info stealer. The infection chain starts with victims receiving fake copyright infringement emails to act as the lure. The campaign began in July 2024, with threat
According to a new report by security firm Kaspersky, researchers discovered a new crimeware bundle being distributed via forum posts, torrent trackers, and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. The malware itself is capable of extracting the victim's credit card data,
According to a new report by Palo Alto’s Unit 42, North Korean state-sponsored threat actors, tracked by the security firm as Jumpy Pisces but also tracked as Andariel, have been linked to the Play ransomware gang. Researchers believe this is the first instance of the group using existing ransomwar
According to a blog article published by ReliaQuest, their security team discovered a new Black Basta ransomware campaign that begins with a spam email, which is then followed by threat actors posing as Microsoft Teams IT Support to trick victims into installing remote access software, which is then