Hackers Use Google Ads to Install Malware that Evades Antivirus

A cluster of virtualized .NET malware loaders that were disseminated via malvertising attacks was discovered by SentinelLabs. The loaders, known as MalVirt, leverage the Windows Process Explorer driver for process termination together with obfuscated virtualization for...
Malware App on Google Play

New Malware App on Google Play With Over 20 Million Downloads

Cybersecurity experts at Dr. Web antivirus recently reported that over 20 million devices have downloaded a highly successful new category of activity-tracking apps from the Google Play Store. Among the features offered by...
PlugX Malware Hides on USB Devices

PlugX Malware Hides on Removable USB Devices to Infect Windows Machine

An investigation by cybersecurity experts at Palo Alto Networks' Unit 42 team recently revealed that a variation of PlugX malware has the ability to conceal harmful files on USB drives and subsequently infect...
Mimic Ransomware Abuses Windows Search

New Mimic Ransomware Abuses Windows Search Engine to Look for Files for Encryption

A new strain of ransomware named Mimic was uncovered by security experts at Trend Micro in June 2022. Mimic takes advantage of the APIs of 'Everything', a file search tool for...
Hackers Use Shapeshifting Tactics

Hackers Use Shapeshifting Tactics to Steal Information Stealing Malware

Recently, Cyble Research and Intelligence Labs (CRIL) discovered Aurora Stealer malware imitating popular applications on phishing sites to infect as many users as possible. To target a variety of well-known applications, the threat actors behind...
Chinese Hackers Using Golang Source Code Interpreter To Bypass Detection

Researchers uncovered a new, uncommon technique employed by Chinese threat actors in which a Golang source code interpreter is used to evade detection in the DragonSpark malware campaign. DragonSpark is the first malicious campaign that utilizes SparkRAT,...
Roaming Mantis Uses Android Malware to Hijack DNS by Exploiting Wi-Fi Routers

Roaming Mantis is a cyberattack campaign that has been active for an extended period of time. The attackers behind this campaign use malicious APK files, which are the files used to install apps on...
Hook Banking Trojan

Hook Banking Trojan Infects Stored Files in Devices & Creates Remote Session

A new Android malware known as 'Hook' has surfaced in the cybercrime market, and this malware has been developed by the creator (DukeEugene) of Ermac, who is now selling it to potential buyers. The malware...
Rhadamanthys Stealer Delivered Via a Spam Email

Beware! New Infostealer Malware Spreading Through Google Ads

Cyble Research & Intelligence Labs (CRIL) discovered a brand-new malware variant called "Rhadamanthys Stealer." This stealer variant is now in use, and the threat actors who created it are offering it for sale...
IcedID Malware Active Directory

IcedID Malware Lets Attackers Compromise the Active Directory Domain

In a recent incident, within just 24 hours of initial access, the IcedID (aka BokBot) malware was used to successfully penetrate the Active Directory domain of an unnamed target. The attack employed tactics similar to...