What’s in your notepad? Infected text editors target Chinese users – Source: securelist.com

Source: securelist.com – Author: Sergey Puzan – “Malvertising” is a popular way of attracting victims to malicious sites: an advertisement block is placed at the top of the search results, increasing the likelihood of users clicking the link. Sites at the top of search...

HrServ – Previously unknown web shell used in APT attack – Source: securelist.com

Source: securelist.com – Author: Mert Degirmenci – In the course of our routine investigation, we discovered a DLL file, identified as hrserv.dll, which is a previously unknown web shell exhibiting sophisticated features such as custom encoding methods for...

Ducktail fashion week – Source: securelist.com

Source: securelist.com – Author: AMR – Ducktail is a malware family that has been active since the second half of 2021 and aims to steal Facebook business accounts. Kaspersky Daily Iran, WithSecure, and GridinSoft have all covered Ducktail attacks: the infostealer...

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users – Source: securelist.com

Source: securelist.com – Author: Dmitry Kalinin – It is not rare that users of popular instant messaging services find the official client apps to be lacking in functionality. To address that problem, third-party developers come up with mods that offer sought-after...

A cascade of compromise: unveiling Lazarus’ new campaign – Source: securelist.com

Source: securelist.com – Author: Seongsu Park – APT reports, 27 Oct 2023 – Earlier this year, a software vendor was compromised by the Lazarus malware delivered through unpatched legitimate software. What’s remarkable is that these software...

StripedFly: Perennially flying under the radar – Source: securelist.com

Source: securelist.com – Author: Sergey Belov, Vilen Kamalov, Sergey Lozhkin – It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both...