Daily Cybersecurity Roundup, April 22, 2024

In a new strategic maneuver, HelloKitty is back with not just a new name but also new TTPs. The rebranded ransomware has already listed a few victims on its blog. Researchers observed a sudden spike in Androxgh0st malware activity; the botnet has amassed hundreds of servers. In other news, just a week after the FBI's warning, researchers discovered over 30 phishing websites impersonating E-ZPass. Read on for more. 

01

The HelloKitty ransomware has rebranded itself as HelloGookie. The rebranding comes with new strategies, including engaging with potential victims through decryption key releases and a new blog.

02

Veriti Research identified a surge in attacks by the Androxgh0st malware family, with over 600 servers compromised in the U.S., India, and Taiwan.

03

According to CERT-UA, the Russian hacker group Sandworm targeted around 20 critical infrastructure facilities in Ukraine, aiming to disrupt energy, water, and heating suppliers in 10 regions.

04

Threat actors are exploiting a flaw in GitHub's file upload feature to distribute a new Lua malware loader through URLs associated with Microsoft repositories, making the malware appear trustworthy.

05

Researchers found that the DOS-to-NT path conversion process in Windows can be exploited to achieve rootkit-like capabilities, allowing unprivileged users to hide and impersonate files and processes without admin permissions.

06

A malware campaign has been found targeting child exploiters, using a honeytrap approach to extort money from them. The malware, called CryptVPN, is designed to look like a subscription service for UsenetClub.

07

Cybersecurity researchers discovered nearly 30 phishing websites mimicking the electronic toll service E-ZPass, following a warning from the FBI last week.

08

An ongoing sophisticated phishing campaign by CryptoChameleon targeted LastPass users, leading them to disclose their master passwords to the attackers.

09

CrushFTP warned users to patch an actively exploited zero-day vulnerability immediately. The company released new versions on April 19 to address the issue.

10

According to CERT-UA, Ukrainian armed forces are facing an increasing threat from the UAC-0184 threat group, which is attempting to plant data-stealing malware on messaging apps used by military personnel.
