TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users

Trend Micro researchers analyzed an ongoing campaign that has been targeting Android users in Southeast Asia since July 2022. Its goal is to steal victims’ assets from finance and banking applications (such as cryptocurrency wallets, credentials for official bank apps Read More …

WannaRen Returns as Life Ransomware, Targets India

Although not as well-known as ransomware families such as Ryuk, REvil, or Maze, WannaRen ransomware made a name for itself back in 2020 after it launched attacks against Chinese internet users, infecting tens of thousands of victims. However, it has Read More …

Earth Preta Spear-Phishing Governments Worldwide

Trend Micro researchers have been monitoring a wave of spear-phishing attacks targeting the government, academic, foundations, and research sectors around the world. Based on the lure documents researchers observed in the wild, this is a large-scale cyberespionage campaign that began Read More …

Hack the Real Box: APT41’s New Subgroup Earth Longzhi

In early 2022, Trend Micro investigated an incident that compromised a company in Taiwan. The malware used in the incident was a simple but custom Cobalt Strike loader. After further investigation, however, we found incidents targeting multiple regions using a Read More …

ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach

Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting stolen files on their data leak site. The RansomHouse gang added ADATA files to their data leak site on Tuesday, claiming they stole 1TB Read More …

Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm

In March 2021, Trend Micro researchers investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. Its type of modular framework has made Trend Micro static analysis more challenging because Read More …

Taiwanese military reports DDoS in wake of Pelosi visit

Taiwan’s Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the island nation, US-Sino relations, and semiconductors. The ministry said the network was attacked around 23:40 with Read More …

Website of Taiwan’s presidential office receives overseas cyber attack

The website of Taiwan’s presidential office received an overseas cyber attack on Tuesday and was at one point malfunctioning, a source briefed on the matter said. The website was shortly brought back online, the source told Reuters. U.S. House of Read More …

Roaming Mantis hits Android and iOS users in malware, phishing attacks

After hitting Germany, Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices. Roaming Mantis is believed to be a financially-motivated Read More …