In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- FBI IC3 Logs 6 Million Complaints – Record Increase in Reporting Brings IC3 to New Milestone
May 14, 2021
It took nearly seven years for the FBI’s Internet Crime Complaint Center (IC3) to log its first million complaints. It took only 14 months to add the most recent million. The IC3 logged five million complaints on March 12, 2020, a few weeks before it marked its 20th anniversary. After a period of record reporting, the ...
- Meet Lorenz – A new ransomware gang targeting the enterprise
May 13, 2021
A new ransomware operation known as Lorenz targets organizations worldwide with customized attacks demanding hundreds of thousands of dollars in ransoms. The Lorenz ransomware gang began operating last month and has since amassed a growing list of victims whose stolen data has been published on a ransomware data leak site. Read more… Source: Bleeping Computer
- Fresh Loader Targets Aviation Victims with Spy RATs
May 13, 2021
A cyberattack campaign that goes after aviation targets has been uncovered, which is spreading remote access trojan (RAT) malware bent on cyber-espionage. Researchers from Microsoft said this week on Twitter that spear-phishing emails are the main attack vector. Individuals in the aerospace and travel sectors are being targeted with a range of gambits, such as using ...
- Colonial Pipeline paid close to $5 million in ransomware blackmail payment
May 13, 2021
Colonial Pipeline reportedly paid the ransomware group responsible for a cyberattack last week close to $5 million to decrypt locked systems. On Thursday, Bloomberg reported that two people close to the matter said a blackmail demand was agreed to within hours of the cyberattack that has impacted the fuel giant’s systems for close to a week. On ...
- Apple’s ‘Find My’ Network Exploited via Bluetooth
May 13, 2021
Apple’s “Find My device” function for helping people track their iOS and macOS devices can be exploited to transfer data to and from random passing devices without using the internet, a security researcher has demonstrated. Security researcher Fabian Bräunlein with Positive Security developed a proof of concept, using a microcontroller and a custom MacOS app, that ...
- Hacker group behind Colonial Pipeline attack claims it has three new victims
May 12, 2021
The hacker group DarkSide claimed on Wednesday to have attacked three more companies, despite the global outcry over its attack on Colonial Pipeline this week, which has caused shortages of gasoline and panic buying on the East Coast of the U.S. Over the past 24 hours, the group posted the names of three new companies on ...