Malware

A simple exploit causes AVs to treat compressed data as uncompressed bytes.

Android users in Brazil have been targeted with the new BeatBanker malware, which is distributed in the form of a fake Starlink app on bogus Google Play Store sites and features both banking trojan and cryptocurrency mining capabilities, reports BleepingComputer.

Over 250 WordPress sites around the world, including those of small businesses, regional media organizations, and a U.S.

KadNap operates as a peer-to-peer network, utilizing a custom version of the Kademlia Distributed Hash Table (DHT) protocol to communicate with its command-and-control (C2) infrastructure.

Malware collects info about the OS, user accounts, and host configurations.

Newly emergent Linux malware ClipXDaemon could facilitate the clandestine takeover of cryptocurrency clipboard data in X11 sessions, resulting in the real-time replacement of copied cryptowallet addresses with attacker-controlled addresses without the need for command-and-control infrastructure, reports The Cyber Express.

Novel A0Backdoor spread in Teams phishing operation Intrusions involving the new A0Backdoor malware have been targeted at financial and healthcare entities as part of a new phishing campaign exploiting Microsoft Teams, according to BleepingComputer.

DarkCloud, advertised as surveillance software, focuses on extracting credentials and sensitive data from infected machines.