There are more and more sites that use a clipboard hijacker and instruct victims on how to infect their own machine. I realize that may sound like something trivial to steer clear from, but apparently it’s not because the social engineering behind it is pretty sophisticated.
At first, these attacks were more targeted at people that could provide cybercriminals a foothold at a targeted company, but their popularity has grown so much that now anyone can run into one of them. It usually starts on a website that promises visitors some kind of popular content: Movies, music, pictures, news articles, you name it. Nobody will think twice when they are asked to prove they are not a robot.
Read more…
Source: Malwarebytes Labs
Related:
- HQWar: the higher it flies, the harder it drops
October 2, 2019
Mobile dropper Trojans are one of today’s most rapidly growing classes of malware. In Q1 2019, droppers are in the 2nd or 3rd position in terms of share of total detected threats, while holding nearly half of all Top 20 places in 2018. Since the droppers’ main task is to deliver payload while sidestepping the ...
- Securing the Industrial Internet of Things: Addressing IIoT Risks in Healthcare
October 2, 2019
The constant quest for prolonging and preserving human life has continually driven technologies to develop groundbreaking innovations in the delivery of healthcare services and state-of-the-art treatments. Like in many other enterprises, the industrial internet of things (IIoT) has rapidly transformed the network and data infrastructure in health and medicine. With the IIoT, medical data and information have ...
- New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign
October 1, 2019
Trend Micro found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequently updated. KovCoreG, active since 2011, is a long-running campaign ...
- New SIM card attack disclosed, similar to Simjacker
September 27, 2019
A team of security researchers has detailed a second SMS-based attack that can allow malicious actors to track users’ devices by abusing little-known apps that are running on SIM cards. This new attack, named WIBattack, is identical to Simjacker, an attack disclosed at the start of the month by mobile security firm AdaptiveMobile. Both attacks work in the ...
- Thousands of PCs Affected by Nodersok/Divergent Malware
September 27, 2019
New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe and turns systems into proxies for performing malicious activity, the companies said. The fileless threat—called Nodersok by Microsoft and Divergent by Cisco Talos—has many of its own components but also takes advantage of existing tools to do ...
- WhiteShadow downloader uses Microsoft SQL queries to deliver malicious payloads
September 27, 2019
Researchers have documented the emergence of a downloader that makes use of Microsoft SQL queries to pull and deliver malicious payloads. In August this year, Proofpoint researchers found the new, staged downloader, known as WhiteShadow, which is being used to deliver a variety of malware to vulnerable systems. The cybersecurity team said in a blog post on Thursday ...