News


15 years of Qakbot – a review

Qakbot (aka QBot or Pinkslipbot) is a Trojan with a 15-year evolutionary history. From its origins as a banking Trojan, it evolved into malware that is now used for lateral movement in a network and the deployment of ransomware. After being broken up by law enforcement authorities in August 2023, the 5th version of Qakbot was released a few months later. Zscaler analyzed the transformation of a resilient, persistent and innovative malware. Recently, the security researchers discovered that the threat actors have updated their code base to support 64-bit versions of Windows. In addition,…


2023: over 400,000 new malicious files per day
Kaspersky_news

This is just one vendor watching for new malware around the clock: Kaspersky discovered an average of 411,000 new malicious files per day in 2023; this corresponds to an increase of almost three percent compared to the previous year. More than half (53 percent) of attacks involved malicious Microsoft Office and other types of documents. There has also been a significant increase in backdoor Trojans that can control infected systems - 40,000 discoveries were made every day this year. Kaspersky security solutions discovered an average of 2023 new malicious...


Even Apple hardware isn't secure per se
Bitdefender_News

Bitdefender Labs has evaluated global data on the threat level for macOS systems: Apple hardware is also a target for hackers. The results of the 2022 global telemetry numbers show that Apple hardware is targeted by cybercriminals, although to a lesser extent than Windows devices. The more widely used Windows or Android devices are more attractive to hackers. The results show: macOS hardware is not inherently secure. Top risks included Trojans at 51.8%, Potentially Unwanted Applications (PUA) at 25.3% and adware at 22.6%. 18 percent of all attacks...


Threat Report: Decoy Dog Trojan targets businesses
B2B Cyber Security ShortNews

Decoy Dog is anything but an ordinary Trojan. After its discovery in April 2023, it again changed its malware tactics. The hackers took action to continue maintaining access to already compromised devices. The attacker can be safely outmaneuvered via DNS detection algorithms. The second Infoblox Threat Report on the Decoy Dog Trojan includes extensive updates. Decoy Dog is a Remote Access Trojan (RAT) discovered in April 2023. This malware uses the Domain Name System (DNS) to establish command-and-control (C2) communication and is suspected of…


New Trojan Pikabot
B2B Cyber Security ShortNews

The malicious backdoor Pikabot is modular, with a loader and a core component that implements most of the functionality. A number of anti-analysis techniques are employed, making it difficult to detect malicious activity. The analysis found a similarity to Qakbot in terms of distribution mode, campaigns, and malware behavior, with no indication of whether they are the same malware authors. It is capable of receiving commands from a command-and-control server, which injects any shellcode, DLL, or executable file. Malicious Functionality After…


3CX: 3CX Desktop App Security Incident Results
B2B Cyber Security ShortNews

3CX, the provider of the popular Phone System VOIP/PBX software, had an issue with a trojanized version of the 3CX desktop app. With 600,000 customers in 190 countries waiting for answers, 3CX employed specialist Mandiant as the investigation team for the forensic analysis. The first findings are now available: the attacker is probably a North Korean APT group. Based on Mandiant's previous investigation into the 3CX intrusion and supply chain attack, they assign the activity to a cluster called UNC4736. Mandiant believes with a high degree of certainty that UNC4736 has a North Korean connection. Windows-based malware client…


Infected version of VoIP program 3CX delivers backdoor
Kaspersky_news

Kaspersky experts analyzed the supply chain attack carried out via the popular VoIP program 3CXDesktopApp, which installed an infostealer or backdoor. During the analysis, they found a suspicious dynamic link library (DLL) on one computer, which was loaded into the infected 3CXDesktopApp.exe process. Kaspersky experts launched an investigation into a case related to this DLL on March 21, about a week before the discovery of the supply chain attack. This DLL was used in deployments of the "Gopuram" backdoor and has been observed by Kaspersky since 2020....


3CX Desktop App infected

Security researchers discovered a fraudulent counterfeit, including malware or a Trojan, of the popular software 3CX Desktop, a telephony system based on open standards. You can use it to make calls directly on the desktop with a headset. The Trojan version now discovered contains a malicious DLL file that replaces an original file that comes bundled with the benign version of the application. When the fake application is loaded, the signed 3CX DesktopApp executes the malicious DLL as part of its predefined execution procedure. In this way, the harmless, popular VoIP application turned into a full-fledged malware that connects to third-party servers...


VOIP/PBX software 3CX abused for sideloading attack
SophosNews

A trojanized version of the popular phone system VOIP/PBX software 3CX is currently making headlines. The business phone system is used by companies in 190 countries worldwide. An installation program including a Trojan is foisted on Windows users via a DLL sideloading attack. The attack appears to have been a supply chain attack, which allowed attackers to add a desktop application installer that ultimately sideloaded a malicious, encrypted payload via a DLL. Phone system secretly attacked Mat Gangwer, VP Managed Threat Response at Sophos on the current situation: "The attackers managed to manipulate the application to create a...


Emotet on the move in a new dangerous variant

After months of deceptive silence, a new dangerous variant of the Emotet Trojan has now been discovered. Hornetsecurity's Security Lab discovered it and warns against it. The new variant relies on large files that have been extremely packed to avoid fast scans. The dangerous Emotet malware is back. After almost three months of silence, the Security Lab, Hornetsecurity's in-house security laboratory, has discovered a new variant of the Trojan. The latest version of Emotet uses very large files to bypass security scans and infiltrate IT systems. Security software often only scans the…
