After leveraging artificial intelligence to create a website establishing the app's legitimacy, threat actors proceeded to lure targets on Telegram into downloading the app to join a meeting regarding an investment opportunity, a report from Cado Security revealed.
Earth Minotaur leverages instant messaging apps to send messages with malicious links purporting to be Tibetan or Uyghur music and dance-related videos. The links redirect to dozens of MOONSHINE exploit kit servers, which enable the download of a trojanized XWalk version that later executes DarkNimbus, a report from Trend Micro showed.
Aside from luring children into providing sexually explicit photos of themselves, such methods have also been used to force youths into harming family members and animals, as well as committing suicide, an intelligence report from the Joint Regional Intelligence Center and the Central California Intelligence Center showed.
Deloitte, e-Tattoos, Web 3.0, Cp3o, Chemonics, IPv6, the Number 6, Chinese Emperors, Aaran Leyland, and More, on this edition of the Security Weekly News.
Malicious emails sent by Kimsuky using Mail.ru's "mail.ru", "bk.ru", "internet.ru", "list.ru", and "inbox.ru" domains impersonated financial organizations and web portals, which had been exploited in the group's attacks involving U.S., South Korean, and Japanese email address domains earlier this year, a report from South Korean cybersecurity firm Genians revealed.
Threat actors commenced attacks by distributing phishing emails with a malicious Microsoft Excel file, which leverages the CVE-2017-0199 and CVE-2017-11882 vulnerabilities to deliver the Ande Loader, according to an analysis from Fortinet FortiGuard Labs.