In early April, Trend Micro researchers discovered that a new threat actor group (which they call Void Arachne) was targeting Chinese-speaking users.
Void Arachne’s campaign involves the use of malicious MSI files that contain legitimate software installer files for artificial intelligence (AI) software as well as other popular software. The malicious Winos payloads are bundled alongside nudifiers and deepfake pornography-generating AI software, voice-and-face-swapping AI software, zh-CN (Simplified Chinese) language packs, the simplified Chinese version of Google Chrome, and Chinese-marketed virtual private networks (VPNs), such as LetsVPN and QuickVPN.
Read more…
Source: Trend Micro
Related:
- Cyber-security breaches at 67 percent of healthcare organisations last year
January 16, 2020
A survey has found that a large portion of healthcare organisations in the UK experienced cyber-security incidents last year, which were mostly due to employees sharing data. According to new research, in the last 12 months, 67 percent of healthcare organisations in the UK suffered a cyber-security incident. The data was compiled by Clearswift, which surveyed senior business decision makers ...
- WeLeakInfo.com Domain Name Seized
January 16, 2020
The Federal Bureau of Investigation and the U.S. Department of Justice announced that they have seized the internet domain name weleakinfo.com. The announcement was made by U.S. Attorney Jessie K. Liu of the District of Columbia and Special Agent in Charge Timothy M. Dunham of the FBI’s Washington Field Office. The website had claimed to provide ...
- Satan Ransomware Reborn to Torment Businesses
January 16, 2020
A ransomware with the un-snappy moniker of “5ss5c” has emerged on the scene and appears to be in active development. According to independent researcher Bart Blaze, the malware is the successor to the Satan ransomware, and its authors are still experimenting with focused targeting (China, for now) and features. Blaze said in a blog posted Tuesday that 5ss5c and ...
- Scammers Dupe Texas School District Out of $2.3M
January 13, 2020
A Texas school district, based outside of Austin, Tex., has lost $2.3 million after falling victim to an email scam. The Manor Independent School District encompasses 8,000 students from elementary to high school. Police told local news outlets that the incident started in early November and continued through December, before it was discovered by the district. “It ...
- TrickBot Adds Custom, Stealthy Backdoor to its Arsenal
January 9, 2020
The Russian-speaking cybercriminals behind the TrickBot malware have developed a stealthy backdoor dubbed “PowerTrick,” in order to infiltrate high-value targets. According to research from SentinelLabs, released on Thursday, PowerTrick is designed to execute commands and return the results in Base64 format. It’s deployed as a module after the initial TrickBot infection has already taken hold on ...
- Travelex UK Website Still Down After Cyberattack
January 3, 2020
The British website of foreign currency seller Travelex remains offline as of Friday 3 January, after being taken down following a cyber-attack on Monday 30 December (New Years Eve). The good news is that an investigation has shown there is no indication the virus has compromised any personal or customer data. But the fact that nearly a ...