In the shadowy world of cybercrime, even the most cunning hackers can make blunders that expose their operations. In this article CPR describes the discovery of Styx Stealer, a new malware variant derived from the notorious Phemedrone Stealer.
Check Point investigation revealed critical missteps by the developer of Styx Stealer, including a significant operational security (OpSec) lapse that leaked sensitive information from his own computer. The roots of Styx Stealer can be traced back to Phemedrone Stealer, which became widely known in early 2024 when the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen was exploited to deliver this malware.
Read more…
Source: Check Point
Related:
- Banking Apps Found Vulnerable to MITM Attacks
December 7, 2017
Leading US and UK-based banks have patched a flaw found in their Android and iOS mobile apps that allowed adversaries to conduct man-in-the-middle attacks to steal customer credentials and view and manipulate network traffic. According to researchers at the School of Computer Science at the University of Birmingham that found the flaw, the vulnerability impacted nine apps belonging ...
- International team takes down virus-spewing Andromeda botnet
December 5, 2017
Police and private companies have taken down a massive botnet used to move malware onto compromised PCs. The Andromeda botnet, also known as Gamarue, is thought to have spanned over two million PCs and distributed over 80 types of malware onto infected PCs. It was shut down on November 29 in a combined operation by Europol, ...
- Ursnif Trojan Adopts New Code Injection Technique
December 4, 2017
Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that Ursnif (or Gozi) samples have been tested in wild by a new malware developer. The samples are a noteworthy upgrade from previous versions. “This finding is ...
- PayPal Subsidiary Data Breach Hits Up to 1.6 Million Customers
December 3, 2017
Global e-commerce business PayPal has disclosed a data breach that may have compromised personally identifiable information for roughly 1.6 million customers at a payment processing company PayPal acquired earlier this year. PayPal Holdings Inc. said Friday that a review of its recently acquired company TIO Networks showed evidence of unauthorized access to the company’s network, including some confidential ...
- RAT Distributed Via Google Drive Targets East Asia
November 30, 2017
Researchers said that they are tracking a new remote access Trojan dubbed UBoatRAT that is targeting individuals or organizations linked to South Korea or the video game industry. While targets aren’t 100 percent clear, researchers at Palo Alto Networks Unit 42 said UBoatRAT threats are evolving and new variants are increasingly growing more sophisticated. They said ...
- Hackers Now Have Incredibly Sophisticated Ways to Breach Banks’ Defenses
November 29, 2017
Global banks need to do more to protect themselves from cyberattacks after a “significant evolution” in the threat level in the last 18 months, according to the SWIFTglobal payments network. Hackers are deploying increasingly sophisticated ways of breaching banks’ cyber defenses to launch finely orchestrated attacks, SWIFT said in a report co-written with defense contractor BAE Systems. ...