In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- GandCrab ransomware affiliate arrested for phishing attacks
March 9, 2021
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims. The GandCrab ransomware operation started in January 2018 when it quickly became a malware empire threatening businesses worldwide. Operated as a Ransomware-as-a-Service (RaaS), the GandCrab developers teamed up with affiliates in a revenue share partnership, with affiliates earning between 70-80% ...
- Hackers access surveillance cameras at Tesla, Cloudflare, banks, more
March 9, 2021
Hackers gained access to live surveillance cameras installed at Tesla, Equinox, healthcare clinics, jails, and banks, including the Bank of Utah. In addition to images captured from the cameras, the hacker also shared screenshots of their ability to gain root shell access to the surveillance systems used by Cloudflare and at Telsa HQ. Hacks multiple cameras in ...
- Fake Google reCAPTCHA Phishing Attack Swipes Office 365 Passwords
March 8, 2021
Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims’ companies. According to researchers, at least 2,500 ...
- Newest Intel Side-Channel Attack Sniffs Out Sensitive Data
March 8, 2021
Intel processors are vulnerable to a new side-channel attack, which researchers said can allow attackers to steal sensitive information such as encryption keys or passwords. Unlike previous side-channel attacks, this attack does not rely on sharing memory, cache sets and other former tactics. Instead it leverages a component called CPU ring interconnect contention. This component facilitates ...
- European Banking Authority discloses Exchange server hack
March 8, 2021
The European Banking Authority (EBA) took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide. EBA is part of the European System of Financial Supervision and it oversees the integrity orderly functioning of the EU banking sector. “The Agency has swiftly launched a full investigation, in ...
- Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks
March 8, 2021
A possible link to China has been noted by researchers examining the exploit of SolarWinds servers to deploy malware. On Monday, Secureworks’ counter threat unit (CTU) said that during late 2020, a compromised Internet-facing SolarWinds server was used as a springboard to deploy Supernova, a .NET web shell. Similar intrusions on the same network suggest that the ...