In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- REvil Group Claims Slew of Ransomware Attacks
March 12, 2021
The REvil ransomware threat group is on a cyberattack tear, claiming over the past two weeks to have infected nine organizations across Africa, Europe, Mexico and the U.S. The organizations include two law firms, an insurance company, an architectural firm, a construction company and an agricultural co-op, all located in the U.S.; as well as two ...
- New ZHtrap botnet malware deploys honeypots to find more targets
March 12, 2021
A new botnet is hunting down and transforming infected routers, DVRs, and UPnP network devices into honeypots that help it find other targets to infect. The malware, dubbed ZHtrap by the 360 Netlab security researchers who spotted it, is loosely based on Mirai’s source code, and it comes with support for x86, ARM, MIPS, and other ...
- Threat Assessment: DearCry Ransomware
March 12, 2021
Last week, Microsoft reported that attackers compromised Exchange Mail Servers with the use of four zero-day vulnerabilities. While patches have been released by Microsoft, adversaries are still attacking vulnerable versions of Microsoft Exchange Servers with malicious tools, malware and data exfiltration. Further, Microsoft has confirmed the existence of a ransomware variant leveraging these vulnerabilities, which ...
- Security and Privacy of COVID-19 Contact-Tracing Apps
March 12, 2021
Symantec analyzed the top 25 COVID-19 national contact-tracing apps to see which follow security and privacy best practices. Unfortunately, in this new COVID-19 era it’s not just our computers we have to protect from infection, but also ourselves and our loved ones. Along with social distancing, wearing a mask, and washing our hands, technology is also ...
- Good old malware for the new Apple Silicon platform
March 12, 2021
A short while ago, Apple released Mac computers with the new chip called Apple M1. The unexpected release was a milestone in the Apple hardware industry. However, as technology evolves, we also observe a growing interest in the newly released platform from malware adversaries. This inevitably leads us to new malware samples compiled for the ...
- No Laughing Matter: Joker’s Latest Ploy
March 12, 2021
Joker reveals more tricks up its sleeves: new malicious Android apps that, like in past schemes, subscribe users to premium services without their consent. Joker (a.k.a. Bread) is one of the most persistent malware families that continually targets Android devices. The malware entered the scene in 2017, and by early 2020, Google has removed more than ...