Lumma Stealer, nefarious info-stealing malware, resurfaces in the cyber threat arena. Defenders recently uncovered an advanced adversary campaign distributing Lumma Stealer through GitHub infrastructure along with other malware variants, including SectopRAT, Vidar, and Cobeacon. Detect Lumma Stealer, SectopRAT, Vidar, Cobeacon Deployed via GitHub Lumma Stealer is a notorious data-stealing malware that extracts credentials, cryptocurrency wallets, […]
Financially motivated hackers are behind an ongoing malicious campaign targeting Poland and Germany. These phishing attacks aim to deploy multiple payloads, including Agent Tesla, Snake Keylogger, and a novel backdoor dubbed TorNet, which is delivered via PureCrypter malware. Detect TorNet Backdoor A significant rise in phishing campaigns, with a 202% increase in phishing messages over […]
New year, new menaces for cyber defenders. Cybersecurity researchers have uncovered a novel variant of the notorious Banshee Stealer, which is increasingly targeting Apple users worldwide. This stealthy infostealer malware employs advanced evasion techniques, successfully slipping past detection by leveraging string encryption from Apple’s XProtect antivirus engine. Going exclusively after macOS users, Banshee is capable […]
Hot on the heels of the re-emergence of a more advanced NonEuclid RAT variant in the cyber threat arena, a novel malware iteration known as the Eagerbee backdoor poses an increasing threat to organizations in the Middle East, primarily targeting Internet Service Providers (ISPs) and state agencies. The enhanced EAGERBEE backdoor variant can deploy payloads, […]
The modern-day cyber threat landscape is marked by the rise in malware variants that give attackers the green light to gain complete remote control over targeted systems, such as a nefarious Remcos RAT spread via a phishing attack vector. At the turn of January 2025, defenders unveiled an emerging stealthy malware dubbed NonEuclid RAT, which […]
Security experts have uncovered a novel Strela Stealer campaign, which leverages a new iteration of email credential-stealing malware. In this campaign, the updated malware version is enriched with enhanced functionality and is now capable of gathering system configuration data via the “system info” utility. Moreover, Strela Stealer expanded its targets beyond Spain, Italy, and Germany […]
Hard on the heels of the cyber-espionage campaign by UAC-0099 via the phishing attack vector, another hacking collective has evolved in the cyber threat arena to target Ukrainian organizations. CERT-UA notifies defenders about the discovery of fake websites that mimic the official page of the “Army+” application and are hosted using the Cloudflare Workers service. […]
Researchers have uncovered a new malicious campaign using voice phishing (vishing) to spread the DarkGate malware. In this attack, adversaries masqueraded themselves as the known client on a Microsoft Teams call, tricking the victims into downloading AnyDesk for remote access and further deploying malware. Detect DarkGate Malware Attacks In the early summer of 2024, the […]
The UAC-0099 hacking collective, which has been launching targeted cyber-espionage attacks against Ukraine since the second half of 2022, resurfaces in the cyber threat arena. The CERT-UA team has observed a spike in the group’s malicious activity throughout November-December 2024 against Ukrainian government entities using the phishing attack vector and spreading LONEPAGE malware. Detect UAC-0099 […]
Since russia launched its full-scale invasion of Ukraine, defense organizations have been heavily targeted by multiple hacking groups via the phishing attack vector. CERT-UA researchers recently shed light on the latest attacks by UAC-0185 (aka UNC4221) targeting Ukrainian organizations within the defense-industrial sector. The new CERT-UA alert covers cyber attacks using email spoofing and masquerading […]