Short-form video platforms like TikTok and Instagram Reels have become the latest way cybercriminals spread malware.
We’ve already seen attackers move away from traditional phishing emails and toward tactics that trick people into installing malware themselves. Now they’re being lured with slick social media videos that promise free Spotify Premium, free Windows activation, or free Microsoft Office, but instead leave people with infostealers on their Windows devices.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Investigation into a Nefilim Attack Shows Signs of Lateral Movement, Possible Data Exfiltration
April 3, 2020
Trend Micro’s Managed XDR (MxDR) and Incident Response (IR) teams recently investigated an incident involving a company that was hit by the Nefilim ransomware, which was initially discovered in March 2020. What makes Nefilim especially devious is that the threat actors behind the attack threaten to release the victim’s stolen data on an online leak site. This represents a ...
- Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer
April 3, 2020
Researchers have discovered threat actors once again capitalizing on the COVID-19 pandemic and current attention on the World Health Organization (WHO) with a new spearphishing email designed to spread the LokiBot trojan sent using the WHO trademark as a lure. Researchers at FortiGuard Labs on March 27 first observed the malicious COVID-19-themed scam, which claims to ...
- Hacking forum gets hacked for the second time in a year
April 3, 2020
OGUsers, one of the most popular hacking forums on the internet, disclosed today a security breach, the second such incident in the past year. “It appears that someone was able to breach the server through a shell in avatar uploading in the forum software and get access to our current database dating April 2, 2020,” said ...
- Firefox gets fixes for two zero-days exploited in the wild
April 3, 2020
Firefox users are advised to update their browsers to patch two bugs that are being exploited in the real world by hackers. The fixes are available in Firefox 74.0.1, released earlier today. This new Firefox version includes fixes for CVE-2020-6819 and CVE-2020-6820, two bugs that reside in the way Firefox manages its memory space. The bugs are so-called user-after-free vulnerabilities, ...
- FakeNet Genie: Improving Dynamic Malware Analysis with Cheat Codes for FakeNet-NG
April 2, 2020
As developers of the network simulation tool FakeNet-NG, reverse engineers on the FireEye FLARE team, and malware analysis instructors, we get to see how different analysts use FakeNet-NG and the challenges they face. We have learned that FakeNet-NG provides many useful features and solutions of which our users are often unaware. In this blog post, ...
- Nemty Ransomware – Learning by Doing
April 2, 2020
The McAfee Advanced Threat Research Team (ATR) observed a new ransomware family named ‘Nemty’ on 20 August 2019. We are in an era where ransomware developers face multiple struggles, from the great work done by the security community to protect against their malware, to initiatives such as the No More Ransom project that offer some victims a way ...