More than 600 servers worldwide have been subjected to recent attacks with the Androxgh0st malware, reports Hackread.
The U.S., India, and Taiwan accounted for the bulk of the impacted servers, which were compromised by Androxgh0st malware operators through web shells deployed via the exploitation of several security vulnerabilities, including CVE-2019-2725, CVE-2021-3129, and CVE-2024-1709, a report from Veriti Research revealed.
Read more…
Source: SC Media
Related:
- Major supermarket distributor to Tesco and Sainsbury’s ‘held to ransom’
May 20, 2025
A major distributor to Britain’s biggest supermarkets, including Tesco, Sainsbury’s and Aldi, is being held to ransom by cyber hackers following a string of assaults on UK retail in the last month. Peter Green Chilled said clients were “receiving regular updates” including “workarounds” on how to continue deliveries. No orders would be processed on Thursday, although any ...
- Broadcom hit by employee data theft after breach in supply chain
May 19, 2025
Customers of the global semiconductor giant Broadcom have had their sensitive data leaked on the dark web after a two-step supply chain attack. Apparently, a company called Business Systems House (BSH), a human capital management (HCM) services provider from the Middle East, suffered a ransomware attack in September 2024, in which a group known as El ...
- Threat Group Assessment: Muddled Libra
May 16, 2025
Palo Alto researchers have added an additional section to this article that describes the evolution of Muddled Libra activity since the beginning for 2024. This group is a dynamic one, and as members cycle in and out of the group, its knowledgebase and skill set naturally shift. Its toolbox has now expanded to include: Social engineering of ...
- Ransomware Is Changing Financial Services – Are You Ready?
May 16, 2025
Whenever cybercriminals successfully target financial services (FinServ), we’re reminded all too well that money makes the world go round. A fruitful attack can lock customers out of their bank accounts, expose sensitive data and fuel theft, fraud and a worrying distrust in financial institutions. The stakes are clearly high, and unfortunately attacks are still soaring. Between ...
- CrazyHunter Campaign Targets Taiwanese Critical Sectors
May 16, 2025
CrazyHunter has quickly emerged as a serious ransomware threat. The group made their introduction in the past month with the opening of their data leak site where they posted ten victims – all located from Taiwan. Trend Micro researchers have followed some of their operations through internal monitoring since the start of January and have witnessed ...
- State of ransomware in 2025
May 7, 2025
With the International Anti-Ransomware Day just around the corner on May 12, Kaspersky explores the ever-changing ransomware threat landscape and its implications for cybersecurity. According to Kaspersky Security Network data, the number of ransomware detections decreased by 18% from 2023 to 2024 – from 5,715,892 to 4,668,229. At the same time, the share of users affected ...