Tag Malware

South Korea Faces Android Trojan Threats, Malware in Gaming Apps, and DDoS Assaults

Oct 25, 2013

Last Tuesday, the National Police Agency of South Korea issued a warning about the proliferation of malware-infected video games available in the South Korean market, designed to facilitate cyberattacks against the country. This malware collects users’ location data and IP addresses, reportedly transmitting the information to servers based in North Korea.

Today, AhnLab, South Korea’s leading antivirus company, confirmed that they have detected distributed denial-of-service (DDoS) attacks targeting the websites of local businesses. The report indicates that approximately 16 websites belonging to 13 companies, including Daum, MSN, and the JoongAng Ilbo newspaper, have been affected. AhnLab noted that around 10,000 computers were compromised, primarily due to the failure to install or update antivirus programs since the last cyberattack in July. The attack was first identified around 4:00 p.m. on Thursday, impacting roughly 10,000 systems.

South Korea Faces Cyber Threats: Android Trojan, Malware in Gaming Apps, and DDoS Attacks

On October 25, 2013, South Korea’s National Police Agency issued a stark warning regarding an alarming emergence of malware-laden video games infiltrating local markets. These applications are believed to serve as conduits for orchestrated cyber attacks…

Finland’s Foreign Ministry Networks Compromised in Sophisticated Malware Attack

November 1, 2013

Finnish broadcaster MTV3 reports that the Ministry of Foreign Affairs of Finland has been the target of a prolonged cyber espionage operation lasting four years. The country’s foreign minister confirmed a significant hacking incident within the ministry’s data network. The attack involved advanced malware, reportedly more sophisticated than the notorious Red October, aimed at intercepting communications between Finland and the European Union. Discovery of the breach occurred earlier this year, following a foreign notification to CERT-FI, rather than through Finnish investigative efforts. Authorities have kept the details confidential while continuing forensic analysis, revealing that low-level classified information may have been compromised. In January 2013, previous reporting covered the Red October cyber-espionage operation, which affected various entities.

Finland’s Ministry of Foreign Affairs Targeted in Prolonged Malware Attack

In a significant cybersecurity incident, the Finnish Ministry of Foreign Affairs has fallen victim to a sophisticated malware intrusion, part of an extensive four-year cyber espionage campaign. Reports from Finnish commercial broadcaster MTV3 indicate that the breach, which involved the…

NSA Compromised Over 50,000 Computer Networks with Malware

November 23, 2013

The NSA possesses the capability to track “anyone, anywhere, anytime.” In September, we reported on how the agency, along with GCHQ, used LinkedIn and Slashdot to implant malware targeting engineers at Belgacom, the largest telecom company. Recently, a Dutch newspaper unveiled a new secret document from the NSA, disclosed by former intelligence employee Edward Snowden. This document reveals that the NSA has infiltrated over 50,000 computer networks globally with malware intended for stealing sensitive information. A slide from a 2012 NSA management presentation illustrates a world map pinpointing these targeted locations. The agency employs a method called “Computer Network Exploitation” (CNE), which allows for covert malware installation in computer systems. This malware can be remotely controlled, activated, and deactivated at will. According to the NSA’s own website, CNE encompasses actions that facilitate intelligence collection by exploiting data gathered through computer networks.

NSA Compromises Over 50,000 Computer Networks with Malware

November 23, 2013

A recent revelation from a Dutch newspaper, stemming from documents leaked by former NSA contractor Edward Snowden, indicates that the National Security Agency (NSA) has successfully infiltrated more than 50,000 computer networks globally. This significant breach involves sophisticated malware…

Malware Leverages Inaudible Audio Signals to Transfer Stolen Data

Dec 03, 2013

If you believe that a computer completely isolated from networks, without USB drives or any electronic connections, is safe from hackers and malware, you might want to reconsider. Recent developments reveal that German scientists have created a proof-of-concept malware prototype capable of infecting computers and digital devices using inaudible audio signals. This method of bridging an air gap presents a formidable threat. Imagine a cyberattack utilizing high-frequency sound waves to not only infect machines but also to transmit stolen data back to the attacker without any network connection—it’s a chilling prospect. Recently, security researcher Dragos Ruiu suggested that malware known as badBIOS enabled infected devices to communicate solely through sound waves, effectively bypassing physical disconnections from networks.

New Malware Exploits Inaudible Audio Signals to Exfiltrate Data

On December 3, 2013, researchers revealed a groundbreaking malware prototype capable of transferring stolen data via inaudible audio signals, challenging prevailing assumptions about the security of isolated digital systems. Traditionally, the belief is that computers disconnected from networks and devoid of…

StoneDrill Disk Wiping Malware Discovered Targeting European Industries

A newly identified disk-wiping malware known as StoneDrill has emerged, targeting a petroleum company in Europe. This malware bears similarities to the infamous Shamoon, which notoriously deleted data from 35,000 computers at Saudi Arabia’s national oil company back in 2012. Disk-wiping malware like StoneDrill can inflict severe damage on organizations…

Email Scam Broadly Targets GitHub Developers Using Dimnie Trojan

Open source developers utilizing GitHub have been alerted to a phishing email campaign aimed at infecting their systems with a sophisticated malware trojan known as Dimnie. This malicious software is designed to perform reconnaissance and espionage, enabling attackers to steal login credentials, download confidential files, capture screenshots, log keystrokes on…

WikiLeaks Unveils ‘Marble’ Source Code Exploited by CIA to Implicate Russia and China

WikiLeaks Exposes CIA’s Marble Framework to Obscure Malware Origins

In a groundbreaking revelation, WikiLeaks has unveiled hundreds of classified documents from its Vault 7 series, detailing the CIA’s capabilities for concealing its cyber operations. Among the newly released files is a component called “Marble,” which allegedly enables the agency to…

Chinese Hackers Breach U.S. Trade Group Before Trump-Xi Trade Summit

Researchers have identified a Chinese cyber-espionage campaign targeting the United States ahead of the upcoming trade summit between President Donald Trump and President Xi Jinping. The findings, detailed in a report released by Fidelis Cybersecurity, reveal that the Chinese APT10 hacking group infiltrated the “Events” page of the U.S. National…

To Safeguard Your Devices, A Hacker Aims to Beat the Competition by Hacking You First

Recent reports highlight a controversial trend in cybersecurity involving a figure dubbed a ‘vigilante hacker.’ This individual is reportedly infiltrating IoT devices deemed vulnerable with the purported intent of securing them. However, unauthorized access to systems not owned by oneself is illegal, regardless of the motivation behind it. This phenomenon…
