WhatsApp compromise leads to Astaroth deployment
Another campaign targeting WhatsApp users in Brazil spreads like a worm and employs multiple payloads for credential theft, session hijacking, and persistence
Similar Posts
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks
Bys sCybersecurity researchers have discovered a new, large-scale mobile malware campaign that’s targeting Android and iOS platforms with fake dating, social networking, cloud storage, and car service apps to steal sensitive personal data. The cross-platform threat has been codenamed SarangTrap by Zimperium zLabs. Users in South Korea appear to be the primary focus. “This extensive campaign…
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
Bys sCybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android malware range from traditional banking trojans like PixRevolution, TaxiSpy RAT, BeatBanker, Mirax, and Oblivion RAT to full-fledged remote administration tools such as SURXRAT. PixRevolution, according to
Patients left in the dark months almost a year after criminals leaked sensitive medical data from Synnovis
Bys sAlexander Martin reports: More than 11 months after a ransomware group published information from a U.K. pathology services company, the affected patients still have not been informed about what data of theirs was exposed in the incident, with material about sexually transmitted infections and cancer cases being included in the leaks. The data was compromised…
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Bys sCybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. “Because the ransomware is now considered dead, we released the decryptor for public download,” Gen Digital researcher Ladislav Zezula said. FunkSec, which emerged towards the end of 2024, has claimed 172 victims, according…
Hackers Claim To Have Compromised Data Broker Used By U.S. Government To Dodge Warrants
Bys sOver on TechDirt, Karl Bode writes: Gravy Analytics, the parent company of Venntel, is like many dodgy data brokers. The company gleans vast troves of sensitive U.S. behavior and location cellphone data, then generally sells access to that data to a long line of folks. Including the U.S. government, which has increasingly turned to buying…
SEC and SolarWinds Seek Settlement in Securities Fraud Case
Bys sHunton Andrews Kurth writes: In a surprising development in the US Securities and Exchange Commission’s (“SEC’s”) ongoing securities fraud case against SolarWinds Corp. (“SolarWinds”) and its former chief information security officer (“CISO”), Timothy Brown, all three parties have petitioned the judge for a stay pending final settlement. Until the SEC’s four commissioners can vote to…