In early April, Trend Micro researchers discovered that a new threat actor group (which they call Void Arachne) was targeting Chinese-speaking users.
Void Arachne’s campaign involves the use of malicious MSI files that contain legitimate software installer files for artificial intelligence (AI) software as well as other popular software. The malicious Winos payloads are bundled alongside nudifiers and deepfake pornography-generating AI software, voice-and-face-swapping AI software, zh-CN (Simplified Chinese) language packs, the simplified Chinese version of Google Chrome, and Chinese-marketed virtual private networks (VPNs), such as LetsVPN and QuickVPN.
Read more…
Source: Trend Micro
Related:
- National Lottery website brought down by cyber hack attack leaving thousands unable to buy tickets
September 30, 2017
A cyber attack brought down the the National Lottery website last night, Camelot has admitted. The website was down for more than an hour-and-a-half yesterday evening, due to a distributed denial of service (DDOS) attack – when hackers flooded the website with online traffic. A Camelot spokesperson said: “Unfortunately, as experienced by many companies, The National Lottery website was subject to ...
- Two Danish ministries taken offline by cyber attack
September 28, 2017
A Turkish hacker group has claimed responsibility for a cyber attack that has rendered the Danish Ministry of Immigration website inaccessible. The Ministry of Immigration, as well as the Ministry of Foreign Affairs of Denmark, were hit Wednesday by a cyber attack thought to have come from a Turkish hacker group, reports broadcaster DR. The former ministry’s website ...
- Researchers promise demo of ‘God-mode’ pwnage of Intel mobos
September 26, 2017
Security researchers say they’ve found a way to exploit Intel’s accident-prone Management Engine, and will reveal the problem at Black Hat Europe in December. Positive Technologies researchers say the exploit “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard via Skylake+”. Intel Management Engine (ME), a microcontroller that ...
- EternalBlue Exploit Used in Retefe Banking Trojan Campaign
September 22, 2017
Criminals behind the Retefe banking Trojan have added a new component to their malware that uses the NSA exploit EternalBlue. The update makes Retefe the latest malware family to adopt the SMBv1 attack against a patched Windows vulnerability, and could signal an emerging trend, said researchers at Proofpoint. Earlier this year, researchers at Flashpoint observed the TrickBot ...
- More data lost or stolen in first half of 2017 than the whole of last year
September 20, 2017
More data records have been lost or stolen during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto’s Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are lost or stolen every day. During the first half of 2017 there were 918 reported data ...
- Banker helped gang launder £16m for cybercriminals
September 20, 2017
A gang of five men, including a corrupt banker, have pleaded guilty to their part in laundering more than £16m for international cybercriminals. Using their man on the inside at Barclays, the gang set up around 400 bank accounts over a three-year period, according to the UK’s National Crime Agency. They shuffled stolen funds through these accounts ...