2K Games accounts used for online games may have received unexpected messages from the helpdesk system claiming to be a response to a request. The messages look authentic, but conclude with a link to RedLine malware.
Attackers are becoming savvier, using search engine optimization (SEO) techniques to bump malicious links and malware to the top of users’ search engine results. Email, SMS, messaging apps, and social media are also commonly used to lure users.
Intel 471 researchers found that hackers leveraged messaging apps and their infrastructure to distribute malware, steal and store data, and deliver malicious payloads.
Security researchers discovered a “package planting” flaw that allows malware developers to add respected open-source contributors to malicious NPM packages without notification or approval.
Lazarus APT targets the employees of blockchain companies with fake job offers, tricking them into downloading trojanized apps that steal security keys and make fraudulent transactions.
US intelligence agencies have issued a public warning indicating that APT groups have developed a "mutli-tool" malware kit that targets a commonly used range of industrial control systems.
The operation disrupted Russian GRU control over infected devices by removing Cyclops Blink botnet malware from the infected WatchGuard Firebox devices used as command-and-control (C2) servers.
Recently discovered Spring4Shell vulnerability has been leveraged to spread Mirai botnet malware in recent attacks. Security researchers say that a recent campaign is focusing on organizations in Singapore.
The destructive malware that is currently being spread in Ukraine acts like ransomware in that it locks up target systems by encrypting key files, but there is no payment option.
Botnet discovered by Chinese researchers introduced a backdoor and a web shell on compromised AT&T VoIP servers, mostly in the US, for DDoS attacks and data exfiltration.
