The malware, uploaded in mid-December from a machine within Venezuela, employs two batch scripts to weaken system defenses and disrupt operations before deploying the final payload, according to an analysis by Kaspersky.
HackRead reports that over a dozen malicious TikTok downloader extensions have allowed the clandestine compromise of more than 130,000 users' Google Chrome- and Microsoft Edge-stored data as part of the StealTok campaign, which has been underway for more than a year.
Crypto-stealing wallet apps proliferate in Apple App Store
More than two dozen Apple App Store apps spoofing the well-known cryptocurrency wallets Coinbase, MetaMask, OneKey, and Trust Wallet have been leveraged to pilfer seed phrases and cryptocurrency assets from Chinese users as part of the FakeWallet attack campaign, which has been linked to the ongoing SparkKitty operation, reports BleepingComputer.
GBHackers News reports that intrusions deploying the Gh0st RAT payload alongside the CloverPlus adware have been launched as part of a new malware campaign aimed at simultaneously generating immediate revenues and prolonging control of infected systems.
Organizations in multiple South American countries, Bosnia, Croatia, Greece, Slovenia, and Spain have had their Windows systems stealthily infected with the Formbook information-stealing malware in a pair of phishing campaigns, reports Infosecurity Magazine.
Attacks exploiting the cross-platform note-taking app Obsidian have been targeting individuals in the finance and cryptocurrency industries with malicious Windows and macOS payloads as part of the new REF6598 social engineering campaign, according to The Hacker News.
These malware families, named RecruitRat, SaferRat, Astrinox, and Massiv, employ various tactics like phishing and smishing to trick users into downloading malicious APK files.