Malwarebytes

New Go Loader Pushes Rhadamanthys Stealer

PuTTY is a very popular SSH and Telnet client for Windows used by IT admins for years. The threat actor bought an ad that claims to be the PuTTY homepage and appeared at the top of the Google search results page, right before the official website.

FakeBat Delivered via Several Active Malvertising Campaigns

The malvertising campaigns employed a new redirection chain, abusing legitimate websites to evade detection, with several campaigns impersonating brands such as OneNote, Epic Games, and the Braavos smart wallet application.

Malicious Meeting Invite Fix Targets Mac Users

Scammers impersonating cryptocurrency investors on Telegram are luring targets into fake partnership meetings, using AppleScripts to compromise Mac users and gain administrator permissions.

Massive Utility Scam Campaign Spreads via Online Ads

Scammers create multiple fraudulent domains and use scare tactics to pressure victims into making hasty decisions, such as disclosing personal details or making immediate payments.

Facebook Fatal Accident Scam Still Rages On

Cybercriminals are using legitimate services like googleapis.com to fingerprint users and redirect them to specific types of scams based on their analysis of the user's IP address, machine type, and VPN usage.

Nitrogen Shelling Malware From Hacked Sites

The threat actors behind the Nitrogen campaign prefer hosting their payloads on compromised WordPress sites and have a known connection to ransomware, making it a serious threat to businesses.

Malicious Ads for Restricted Messaging Applications Target Chinese Users

A campaign of malicious ads is targeting Chinese-speaking users with lures for popular messaging applications like Telegram and LINE, despite the fact that these apps are heavily restricted or banned in China.

Atomic Stealer Rings in the New Year With Updated Version

Atomic Stealer, a popular malware among criminals, has recently been updated with payload encryption to evade detection and has been distributed through malvertising campaigns and cracked software.

New MetaStealer Malvertising Campaigns Spotted

MetaStealer is a popular piece of malware that has been observed in recent malicious ad campaigns. The developers of MetaStealer have announced that they are releasing a new and improved version of the malware.

PikaBot Distributed via Malicious Search Ads

Threat actors are bypassing Google's security measures and using fingerprinting techniques to ensure successful execution of malicious downloads, pointing to a potential "malvertising as a service" model.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags