Tag Archives: backdoors

Russia takes unusual route to hack Starlink-connected devices in Ukraine

“Microsoft assesses that Secret Blizzard either used the Amadey malware as a service (MaaS) or accessed the Amadey command-and-control (C2) panels surreptitiously to download a PowerShell dropper on target devices,” Microsoft said. “The PowerShell dropper contained a Base64-encoded Amadey payload appended by code that invoked a request to Secret Blizzard C2 infrastructure.” The ultimate objective…

1.3 million Android-based TV boxes backdoored; researchers still don’t know how

Researchers still don’t know the cause of a recently discovered malware infection affecting almost 1.3 million streaming devices running an open source version of Android in almost 200 countries. Security firm Doctor Web reported Thursday that malware named Android.Vo1d has backdoored the Android-based boxes by putting malicious components in their…

Here’s how carefully concealed backdoor in fake AWS files escaped mainstream notice

Researchers have determined that two fake AWS packages downloaded hundreds of times from the open source NPM JavaScript repository contained carefully concealed code that backdoored developers’ computers when executed. The packages—img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy—were attempts to appear as aws-s3-object-multipart-copy, a legitimate JavaScript library for copying files using Amazon’s S3 cloud service. The fake…

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be affected in the campaign, which was active as recently as Monday morning, researchers from security firm Wordfence reported. Over the…

Crooks plant backdoor in software used by courtrooms around the world

A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS…

Hackers infect users of antivirus service that delivered updates over HTTP

Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service delivered updates over HTTP, a protocol vulnerable to attacks that corrupt or tamper with data as it travels over the Internet. The unknown hackers, who may have ties…

What we know about the xz Utils backdoor that almost infected the world

On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open-source data compression utility available on almost all installations of Linux and other Unix-like operating…

Backdoor found in widely used Linux utility breaks encrypted SSH connections

Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. The compression utility, known as xz Utils, introduced…

Backdoored firmware lets China state hackers control routers with “magic packets”

Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday. The hacking group, tracked under names including BlackTech, Palmerworm, Temp.Overboard, Circuit Panda, and Radio…

Researchers unearth Windows backdoor that’s unusually stealthy

Researchers have discovered a clever piece of malware that stealthily exfiltrates data and executes malicious code from Windows systems by abusing a feature in Microsoft Internet Information Services (IIS). IIS is a general-purpose web server that runs on Windows devices. As a web server, it accepts requests from…