Tag Malware

STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents

July 28, 2023
Cyber Attack / Malware

A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.

STARK#MULE Targets Koreans with U.S. Military-Themed Document Lures

In a notable development in cyber threats, a new campaign has emerged targeting Korean-speaking individuals through the use of U.S. military-themed documents designed to deliver malware. Cybersecurity experts from Securonix have named the campaign STARK#MULE and are actively monitoring its activities. While…

Researchers Uncover Cyber Campaign by Space Pirates Targeting Organizations in Russia and Serbia

August 1, 2023
Cyber Attack / Malware

The cyber threat group known as Space Pirates has been implicated in attacks on at least 16 organizations across Russia and Serbia in the past year, utilizing innovative tactics and expanding their cyber arsenal. According to a detailed report from Positive Technologies released last week, the group’s primary objectives remain espionage and the theft of sensitive information, but they have broadened both their targets and geographical reach. The affected entities include government agencies, educational institutions, private security firms, aerospace manufacturers, agricultural producers, and companies in the defense, energy, and healthcare sectors. Space Pirates was initially identified by Positive Technologies in May 2022, specifically for its attacks on the aerospace industry in Russia. The group is believed to have been active since at least late 2019 and is linked to another cyber adversary tracked by Symantec under the name Webworm. Positive Technologies’ investigation into these attacks reveals further insights into the group’s methods and targets.

Space Pirates’ Cyber Operations Targeting Organizations in Russia and Serbia Unveiled

In a troubling revelation, researchers from Positive Technologies have identified a series of cyber attacks conducted by a threat actor known as Space Pirates, targeting at least 16 organizations in Russia and Serbia throughout the past year. This group…

New Malware “ToxicPanda” Emerges, Aiming to Steal Banking Information from Android Devices

The recent emergence of the malware known as ToxicPanda has raised alarms, particularly among Android users. This malicious software, which is primarily aimed at extracting sensitive financial information, notably bank account details, has garnered attention for its deceptive tactics. ToxicPanda masquerades as legitimate applications, making it challenging for users to…

DDoS 2.0: IoT Triggers Fresh DDoS Warnings

The Rise of IoT-Driven DDoS Attacks: A Growing Threat to Security

The Internet of Things (IoT) is significantly reshaping operational efficiencies across various industries, including healthcare and logistics. However, its rapid proliferation is accompanied by escalating security risks, particularly in the form of IoT-driven Distributed Denial-of-Service (DDoS) attacks. This phenomenon…

ANY.RUN Uncovers Deceptive Phishing Scheme Leveraging Fake CAPTCHA

Phishing Attack Uncovered Using Fake CAPTCHA to Execute Malicious Scripts

In a recent security analysis by ANY.RUN, an interactive malware analysis platform, a sophisticated phishing campaign has been identified that utilizes deceptive fake CAPTCHA prompts to lure victims into executing harmful scripts on their systems. This evolving threat exemplifies the…

RedTail Crypto-Mining Malware Targets Vulnerability in Palo Alto Networks Firewall

RedTail Malware Targets Palo Alto Networks Firewalls in Latest Cyber Attack

Recently, cybersecurity analysts have identified an alarming development involving the RedTail cryptocurrency mining malware, which has integrated a newly disclosed vulnerability affecting Palo Alto Networks firewalls into its repertoire of exploits. This vulnerability, cataloged as CVE-2024-3400, has received a…

U.S. Takes Down the World’s Largest 911 S5 Botnet, Involving 19 Million Infected Devices

The United States Department of Justice (DoJ) announced on Wednesday the dismantling of what it claims to be “likely the world’s largest botnet,” which was composed of approximately 19 million compromised devices. These infected machines were made available to various malicious actors for a variety of cybercrimes. This extensive botnet,…

Russian National Indicted by U.S. for Creating Redline Infostealer

Cybercrime, Fraud Management & Cybercrime

Federal Complaint Reveals Charges Against Maxim Rudometov for Malware Development and Distribution

Mathew J. Schwartz (euroinfosec) • October 29, 2024

Images from Maxim Rudometov’s C#stealer training material (left) and his iCloud account. (Source: DOJ)

The United States Department of Justice has unveiled a significant legal…
