Lazarus hackers deploy ransomware, steal data using MATA malware

Posted by & filed under Alerts.

A recently discovered malware framework known as MATA and linked to the North Korean-backed hacking group known as Lazarus was used in attacks targeting corporate entities from multiple countries since April 2018 for ransomware deployment and data theft. Among the targeted countries, security researchers with Kaspersky Lab’s Global Research and Analysis Team (GReAT) who spotted MATA mentioned Poland,…

Emotet botnet is now heavily spreading QakBot malware

Posted by & filed under Alerts.

Researchers tracking Emotet botnet noticed that the malware started to push QakBot banking trojan at an unusually high rate, replacing the longtime TrickBot payload. Last week, Emotet came back to life after a break of more than five months. Starting yesterday, the malspam operation briefly began installing TrickBot on compromised Windows systems again. Things changed today when researchers…

Chinese malware used in attacks against Australian orgs

Posted by & filed under Alerts.

The Australian government released an advisory late last week about increased cyber activity from a state actor against networks belonging to its agencies and companies in the country. Behind the attack is a “sophisticated” adversary that relies on slightly modified proof-of-concept exploit code for yesteryear vulnerabilities, the government says. An unofficial blame finger points to…

Gamaredon hackers use Outlook macros to spread malware to contacts

Posted by & filed under Alerts.

New tools attributed to the Russia-linked Gamaredon hacker group include a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. The threat actor disables protections for running macro scripts in Outlook and plants the source file for the spearphishing attacks that spread malware to other…

Russian Cyber-Spies use Gmail to control updated ComRAT Malware

Posted by & filed under Alerts.

ESET security researchers have discovered a new version of the ComRAT backdoor controlled using the Gmail web interface and used by the state-backed Russian hacker group Turla for harvesting and stealing in attacks against governmental institutions. Using Gmail for command-and-control purposes fits right in with other exploits of the Russian-speaking Turla group (also tracked as Waterbug, Snake, or VENOMOUS BEAR)…