In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Ransomware gangs are now rich enough to buy zero-day flaws
November 16, 2021
Cyber criminals are becoming more advanced as they continue to find new ways to deliver attacks, and some are now willing to buy zero-day vulnerabilities, something more traditionally associated with nation-states. Knowledge about vulnerabilities and exploits can command a high price on underground forums, because being able to take advantage of them can be very profitable ...
- FBI Email Hoaxer ID’ed by the Guy He Allegedly Loves to Torment
November 16, 2021
Vinny Troia, the cybersecurity researcher mentioned in a fake alert gushed out to thousands of people from the FBI’s own email system on Friday night, has fingered the guy who allegedly pulled off the exploit. Troia – white hat threat hunter, cybercrime investigator and founder of security firms Night Lion Security and its rebranded version, Shadowbyte ...
- Emotet, once the world’s most dangerous malware, is back
November 16, 2021
Emotet, once described as “the world’s most dangerous malware” before being taken down by a major international police operation, is apparently back – and being installed on Windows systems infected with TrickBot malware. Emotet malware provided its controllers with a backdoor into compromised machines, which could be leased out to other groups, including ransomware gangs, to ...
- 200M Adult Cam Model, User Records Exposed in Stripchat Breach
November 16, 2021
A database containing the highly sensitive information on both users and models on the popular adult cam site StripChat were discovered online, left completely unprotected. The data exposure puts models and users at risk of extortion, violence and more. Stripchat is a popular site founded in 2016 and based in Cyprus that sells live access to ...
- MosesStaff attacks organizations with encryption malware: No payment demand made
November 16, 2021
The MosesStaff hacking group has entered the ‘ransomware’ fray with a difference: blackmail payments are furthest from their minds. On November 15, Check Point Research (CPR) said the group began targeting organizations in Israel during September this year, joining campaigns launched by Pay2Key and BlackShadow. The focus of these operations was to deploy ransomware on their victim’s ...
- New Rowhammer technique bypasses existing DDR4 memory defenses
November 15, 2021
Researchers have developed a new fuzzing-based technique called ‘Blacksmith’ that revives Rowhammer vulnerability attacks against modern DRAM devices that bypasses existing mitigations. The emergence of this new Blacksmith method demonstrates that today’s DDR4 modules are vulnerable to exploitation, allowing a variety of attacks to be conducted. Rowhammer is a security exploit that relies on the leaking of ...