Zero-day detection hits for SnakeKeylogger reached hundreds, with the trojan attempting communications with numerous outside servers, according to an alert from Fortinet's FortiGuard Labs.
While most of the intrusions involved websites spoofing a leading e-commerce platform and power tools maker, as well as fake sales offers for widely used products, attackers also leveraged fake Facebook user comments to facilitate the scheme.
Threat actors leveraged smishing campaigns to deploy BingoMod in the guise of mobile security tools, such as APP Protection, AVG AntiVirus & Security, and WebSecurity.
New DEV#POPPER attacks used interview lures aimed at developers to distribute a ZIP archive file, which when executed triggers the BeaverTail malware.
Intrusions involved the delivery of phishing emails with malicious RAR or ISO attachments, with the former triggering direct DBatLoader execution and the latter obscuring a Windows batch script with a DBatLoader executable masquerading as a PEM-encoded certificate revocation list.