reader comments 21 A mysterious family of Android malware with a demonstrated history of effectively concealing its myriad spying activities has once again been found in Google Play after more than two years of hiding in plain sight. The apps, disguised as file-sharing, astronomy, and cryptocurrency apps, hosted Mandrake, a family of highly intrusive malware… Read More »
Getty Images reader comments 13 An international cast of law enforcement agencies has struck a blow at a cybercrime linchpin that’s as obscure as it is instrumental in the mass-infection of devices: so-called droppers, the sneaky software that’s used to install ransomware, spyware, and all manner of other malware. Europol said Wednesday it made four… Read More »
Getty Images reader comments 100 One day last October, subscribers to an ISP known as Windstream began flooding message boards with reports their routers had suddenly stopped working and remained unresponsive to reboots and all other attempts to revive them. “The routers now just sit there with a steady red light on the front,” one… Read More »
reader comments 2 Cybercriminals and spies working for nation-states are surreptitiously coexisting inside the same compromised name-brand routers as they use the devices to disguise attacks motivated both by financial gain and strategic espionage, researchers said. In some cases, the coexistence is peaceful, as financially motivated hackers provide spies with access to already compromised routers… Read More »
Enlarge / Supply-chain attacks, like the latest PyPI discovery, insert malicious code into seemingly functional software packages used by developers. They’re becoming increasingly common. Getty Images reader comments 32 PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious… Read More »
Getty Images reader comments 11 Japan-based IT behemoth Fujitsu said it has discovered malware on its corporate network that may have allowed the people responsible to steal personal information from customers or other parties. “We confirmed the presence of malware on several of our company’s work computers, and as a result of an internal investigation,… Read More »
Getty Images reader comments 30 Code uploaded to AI developer platform Hugging Face covertly installed backdoors and other types of malware on end-user machines, researchers from security firm JFrog said Thursday in a report that’s a likely harbinger of what’s to come. In all, JFrog researchers said, they found roughly 100 submissions that performed hidden… Read More »
Enlarge / A Wi-Fi router. reader comments 35 The US Justice Department said Wednesday that the FBI surreptitiously sent commands to hundreds of infected small office and home office routers to remove malware China state-sponsored hackers were using to wage attacks on critical infrastructure. The routers—mainly Cisco and Netgear devices that had reached their end… Read More »
Getty Images reader comments 133 Ars Technica was recently used to serve second-stage malware in a campaign that used a never-before-seen attack chain to cleverly cover its tracks, researchers from security firm Mandiant reported Tuesday. A benign image of a pizza was uploaded to a third-party website and was then linked with a URL pasted… Read More »
reader comments 95 Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability… Read More »