Emotet now installs Cobalt Strike beacons

The researchers warn that Emotet now directly installs Cobalt Strike beacons on infected systems, providing immediate access to the network for attackers. Those can use it for lateral movement, which will greatly facilitate extortion attacks. Let me remind you that usually Emotet installs TrickBot or Qbot malware on the victim’s machines, and that one already… Continue reading Emotet now installs Cobalt Strike beacons

Google Stops Glupteba Botnet and Sues Two Russians

Google representatives said that they stopped the work of the Glupteba botnet: they deleted the accounts, and also disabled the servers and domains associated with it. In addition, the company has filed a lawsuit against the Russians Dmitry Starovikov and Alexander Filippov, which are accused of creating and operating a botnet. According to an expert… Continue reading Google Stops Glupteba Botnet and Sues Two Russians

Experts discovered ESPecter UEFI bootkit used for espionage

ESET experts discovered the previously unknown ESPecter UEFI bootkit, which was used for targeted attacks and espionage. So far, experts do not associate ESPecter with any specific hack groups or countries. UEFI attacks are the holy grail for hackers. After all, UEFI is loaded before the operating system and controls all processes at an “early… Continue reading Experts discovered ESPecter UEFI bootkit used for espionage

Malware developers increase use of the unusual programming languages

BlackBerry Research & Intelligence analysts have found that criminals are increasingly turning to unusual and exotic programming languages while working on malware, thus making it difficult to analyse their malware, reverse engineer it, and make it difficult for security tools that rely on signatures. According to the company, the talk is about about languages such… Continue reading Malware developers increase use of the unusual programming languages

Scammers distribute fake Windows 11 installers

Fraudsters explore curiosity about the release of Windows 11 to distribute fake OS installers stuffed with malware, adware and other threats, Kaspersky Lab reports. Despite the fact that the process of downloading and installing Windows 11 from the official Microsoft website is very simple and straightforward, the researchers say that many are still trying to… Continue reading Scammers distribute fake Windows 11 installers

Previously assessed as insignificant, DirtyMoe botnet infected over 100,000 Windows systems

The developers of the DirtyMoe botnet (which was assessed as insignificant) added to it a worm-like spreading module, after which the malware infected more than 100,000 Windows systems. The DirtyMoe botnet which allegedly runs from China, has grown exponentially over the past year. If in 2020 it consisted of 10 thousand infected systems, then in… Continue reading Previously assessed as insignificant, DirtyMoe botnet infected over 100,000 Windows systems

TeamTNT mining botnet infected over 50,000 systems in three months

Trend Micro warns that since March 2021, the TeamTNT mining botnet from the same-named group has successfully compromised more than 50,000 systems. The TeamTNT group has been active since at least April 2020 and started with attacks on incorrectly configured Docker installations, infecting them with miners and bots for DDoS attacks. Then it became known… Continue reading TeamTNT mining botnet infected over 50,000 systems in three months

Hackers infected the Android emulator NoxPlayer with malware

UPDATE: BigNox contacted us and said that they “contacted cybersecurity firm ESET to determine the root cause of the issue,” and at this point “fixed all issues.” ESET has released an update to the article stating that hackers have infected the android NoxPlayer emulator with malware, and we are also adding following information: “BigNox stated… Continue reading Hackers infected the Android emulator NoxPlayer with malware

What is the worst computer virus? Figuring out

worst computer virus

Worst computer virus – what is it? Seems that anyone who has ever been infected asks this question. And each user will think that his case was more severe than someone’s else. Is that true? And which virus is really the worst? It is important to mention that computer viruses are not only “viruses”. Nowadays,… Continue reading What is the worst computer virus? Figuring out

New T-RAT malware can be controlled via Telegram

G DATA’s specialists have published a report on the new T-RAT malware, which is being distributed for only $45. The main feature of the malware is that T-RAT allows controlling infected systems through the Telegram channel, and not through the web administration panel, as it is usually done. Malware creators claim that this provides faster… Continue reading New T-RAT malware can be controlled via Telegram