Recently, Check Point Research observed threat actors using GitHub to achieve initial infections by utilizing new methods.
Previously, GitHub was used to distribute malicious software directly, with a malicious script downloading either raw encrypted scripting code or malicious executables. Their tactics have now changed and evolved. Threat actors now operate a network of “Ghost” accounts that distribute malware via malicious links on their repositories and encrypted archives as releases. This network not only distributes malware but also provides various other activities that make these “Ghost” accounts appear as normal users.
Read more…
Source: Check Point
Related:
- Virgin America Hacked, Employee Passwords and Personal Information Compromised
July 28, 2017
Virgin America has confirmed in a letter sent to employees that its network was compromised by hackers, with data belonging to thousands of workers compromised and possibly stolen by the attackers. While an investigation is already under way, the airline did not provide any specifics about the hackers, saying instead that it’s working with law enforcement ...
- Attack Uses Docker Containers To Hide, Persist, Plant Malware
July 27, 2017
A novel attack vector allows for adversaries to abuse the Docker API to hide malware on targeted systems, and even execute remote code. The proof of concept attack was developed by researchers at Aqua Security, and the technique was first demonstrated today at Black Hat by Sagie Dulce, senior security researcher, with Aqua Security. The attack works ...
- UniCredit Bank Hacked, 400,000 Accounts Exposed
July 26, 2017
UniCredit has just announced in an official statement that its servers were breached by hackers, with details of approximately 400,000 clients said to be exposed. The bank explained that hackers managed to get inside its systems in Italy twice in the last 12 months. The first hack took place in September and October 2016, while the ...
- Global ransomware attacks on the rise: Europol
July 25, 2017
Global ransomware attacks soared by over 11 percent in the 12 months to March, Europol reported Tuesday, but specialist tools developed with its partners had helped unlock some 28,000 encrypted devices. “Ransomware has soared since 2012, with criminals lured by the promise of profit and ease of implementation,” the European police agency said in a statement. According ...
- Medical technology is advancing, but how secure is it?
July 25, 2017
We’re fortunate to live in an age when medical technology is hyper-advanced and continuing to innovate rapidly. Today, depending on where you live, you may expect to live to be up to 80 years or older; but just a hundred years ago, most people didn’t make it beyond the age of 50. Obviously researchers, medical professionals, ...
- Bank of America Customers Under Attack, Phishing Site Hosted on Russian Server
July 24, 2017
You might be tempted to believe that hackers are getting tired of using phishing scams to target bank clients across the globe, but as Bank of America customers might find out the hard way, this doesn’t seem to be the case just yet. HackRead has come across a new major phishing attack aimed at BoA clients, ...