#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Download Manager | Breaking Cybersecurity News | The Hacker News

Category — Download Manager
Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

Sep 21, 2023 Supply Chain / Malware
The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software," it  said  in an alert last week. "Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed." Less than 0.1% of its visitors are estimated to have encountered the issue, adding it may have been why the problem went undetected until now. The disclosure comes as Kaspersky  revealed  that the project's website was infiltrated at some point in 2020 to redirect select Linux users who attempted to download the software to a malicious site hosting a Debian package. The package was further configured to deploy a DNS-based backdoor and ultimately serve a Bash stealer mal
Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years

Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years

Sep 14, 2023 Supply Chain / Malware
A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack. The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system. The campaign, which took place between 2020 and 2022, is no longer active. "This stealer collects data such as system information, browsing history, saved passwords, cryptocurrency wallet files, as well as credentials for cloud services (AWS, Google Cloud, Oracle Cloud Infrastructure, Azure)," Kaspersky researchers Georgy Kucherin and Leonid Bezvershenko  said . The website in question is freedownloadmanager[.]org, which, according to the Russian cybersecurity firm, offers a legitimate Linux software called "Free Download Manager," but starting in January 2020, began redirecting some users who attempted to download it to another domain deb.fdmpkg[.]
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
Expert Insights / Articles Videos
Cybersecurity Resources