Malware

An attacker could distribute a malicious Skill that quietly retrieves external scripts.

Threat actor infiltrated devices via browser extensions, quietly making money for years until they finally were outed.

Malware has been spread in a recent update of the widely used open-source SmartTube YouTube client for Android TV after its developer's signing keys were compromised last week, reports BleepingComputer.

Windows systems are being targeted with the advanced KimJongRAT malware linked to North Korean state-sponsored advanced persistent threat operation Kimsuky via malicious HTA files, according to GBHackers News.

BleepingComputer reports that two dozen new VSCode packages on the Microsoft Visual Studio Marketplace and OpenVSX including prettier-vsc.vsce-prettier, clangdcode.clangd-vsce, flutcode.flutter-extension, bphpburn.icons-vscode, and yamlcode.yaml-vscode-extension have facilitated the distribution of the Glassworm malware in a third wave of attacks following the containment of initial infections.

Hybrid cryptocurrency mixing service Cryptomixer, which facilitated laundering of illicit proceeds from ransomware attacks and other criminal activities, has been dismantled by Swiss and German police as part of Operation Olympia between Nov. 24 and 28, reports BleepingComputer.

Threat operation Tomiris has harnessed more sophisticated techniques to stealthily compromise Russian and Central Asian government officials and diplomats since early this year, according to GBHackers News.

Total Android device hijacking sought by novel Albiriox malware Newly emergent Albiriox malware-as-a-service believed to have been managed by Russian-speaking threat actors has been targeting mobile banking and cryptocurrency apps, as well as facilitating total Android device takeovers, GBHackers News reports.