Tag Archives: malware

Self-propagating malware poisons open source software and wipes Iran-based machines

In an email, Aikido researcher Charlie Eriksen said the canister was taken down Sunday night and is no longer available. “It wasn’t as reliable/untouchable as they expected,” Eriksen wrote. “But for a while, it would have wiped systems if infected.” Like previous TeamPCP malware, CanisterWorm, as Aikido has named the malware, targets organizations’ CI/CD pipelines…

14,000 routers are infected by malware that’s highly resistant to takedowns

Researchers say they have uncovered a takedown-resistant botnet of 14,000 routers and other network devices—primarily made by Asus—that have been conscripted into a proxy network that anonymously carries traffic used for cybercrime. The malware—dubbed KadNap—takes hold by exploiting vulnerabilities that have gone unpatched by their owners, Chris Formosa, a researcher at security firm Lumen’s Black…

Once-hobbled Lumma Stealer is back with lures that are hard to resist

Last May, law enforcement authorities around the world scored a key win when they hobbled the infrastructure of Lumma, an infostealer that infected nearly 395,000 Windows computers over just a two-month span leading up to the international operation. Researchers said Wednesday that Lumma is once again “back at scale” in hard-to-detect attacks that pilfer credentials…

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, researchers said. “Every application using the compromised npm versions is at risk ….” the researchers, from security firm Socket, said Friday. “Direct impact includes complete…

Never-before-seen Linux malware is “far more advanced than typical”

Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers’ needs…

Critics scoff after Microsoft warns AI feature can infect machines and pilfer data

The goals are sound, but ultimately they depend on users reading the dialog windows that warn of the risks and require careful approval before proceeding. That, in turn, diminishes the value of the protection for many users. “The usual caveat applies to such mechanisms that rely on users clicking through a permission prompt,” Earlence Fernandes,…

ClickFix may be the biggest security threat your family has never heard of

Another campaign, documented by Sekoia, targeted Windows users. The attackers behind it first compromise a hotel’s account for Booking.com or another online travel service. Using the information stored in the compromised accounts, the attackers contact people with pending reservations, an ability that builds immediate trust with many targets, who are eager to comply with instructions,…

Wipers from Russia’s most cut-throat hackers rain destruction on Ukraine

One of the world’s most ruthless and advanced hacking groups, the Russian state-controlled Sandworm, launched a series of destructive cyberattacks in the country’s ongoing war against neighboring Ukraine, researchers reported Thursday. In April, the group targeted a Ukrainian university with two wipers, a form of malware that aims to permanently destroy sensitive data and often…

5 AI-developed malware families analyzed by Google fail to work and are easily detected

The assessments provide a strong counterargument to the exaggerated narratives being trumpeted by AI companies, many seeking new rounds of venture funding, that AI-generated malware is widespread and part of a new paradigm that poses a current threat to traditional defenses. A typical example is Anthropic, which recently reported its discovery of a threat actor…

Nation-state hackers deliver malware from “bulletproof” blockchains

Creating or modifying smart contracts typically costs less than $2 per transaction, a huge savings in terms of funds and labor over more traditional methods for delivering malware. Layered on top of the EtherHiding Google observed was a social-engineering campaign that used recruiting for fake jobs to lure targets, many of whom were developers of…