Attacks spreading the BeaverTail malware variant, which steals credentials and cryptocurrency wallet assets and delivers the information-stealing, Python-based InvisibleFerret backdoor, were initially conducted by Lazarus Group via fake job offers that dupe targets into executing a malicious Node.js project.
Combine the financial sector’s high online usage with its need to make speedy decisions, and it’s easy to understand why hackers use file-sharing services to prey on this vertical.
Median Bitcoin ATM fraud losses between January and June totaled $10,000, with losses over three times more likely to be reported by seniors, compared with younger adults.
After identifying cryptocurrency and decentralized firms that could be compromised, North Korean hackers target employees with investment or employment lures under the guise of known contacts.
Threat actors distributed phishing emails with malicious ZIP files containing a Word-spoofing LNK file purporting to be a list of individuals who committed remote control software regulation violations. The LNK file facilitates the deployment of a Microsoft binary and a DLL file concealing Cobalt Strike.
Attackers who spoofed U.S., European, and Asian tax agencies distributed more than 20,000 phishing emails purporting to have updated tax information and links, which, when clicked, redirect to a search-ms URI file triggering a Python script that displays a decoy PDF while DLL side-loading Voldemort.
Attacks commenced with the delivery of emails redirecting to sway[.]cloud[.]microsoft domain-hosted phishing pages that lured targets into scanning QR codes with their less secure mobile devices, which would facilitate further malicious activity.