Malware As A Service

All articles tagged with #malware as a service

cybersecurity · 2 years ago

Skype accounts compromised, DarkGate malware spreads rapidly

DarkGate malware has been spreading through compromised Skype accounts, with attackers using VBA loader script attachments to infect targets. The malware operators have also attempted to push their payload through Microsoft Teams. DarkGate has become increasingly popular among cybercriminals for initial access into corporate networks, offering a range of features and posing various threats, including ransomware and cryptomining. This surge in DarkGate activity highlights the growing influence of this malware-as-a-service operation and the determination of threat actors to adapt their tactics despite disruptions.

cybersecurity · 2 years ago

Rising Threat: ASMCrypt Malware Loader Exploits Cybercrime Underground

BunnyLoader, a new malware-as-a-service (MaaS) threat, has been discovered in the cybercrime underground. It offers various functionalities such as downloading and executing payloads, stealing browser credentials, and running remote commands. BunnyLoader incorporates anti-sandbox and antivirus evasion techniques and has a fileless loading feature. The malware sets up persistence via a Windows Registry change and performs sandbox and virtual machine checks before activating its malicious behavior. It includes tasks for downloading and executing next-stage malware, running keyloggers and stealers, and redirecting cryptocurrency payments. BunnyLoader is continuously evolving and adding new features to carry out successful campaigns. This discovery follows the emergence of other information stealer malware strains, such as Agniane Stealer and The-Murk-Stealer.

mobile-security-banking · 2 years ago

Nexus Android Trojan Targets 450 Financial Apps and Bank Accounts

Nexus is a new Android banking trojan that has already been used by several threat actors to target 450 financial applications and conduct fraud. The malware is advertised as a subscription service for a monthly fee of $3,000 and contains features to take over accounts related to banking and cryptocurrency services. It is capable of stealing credentials, intercepting SMS messages, and reading two-factor authentication codes. The malware overlaps with another banking trojan called SOVA and incorporates a ransomware module. The Nexus authors have laid out explicit rules that prohibit the use of their malware in certain countries.