#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

VBScript | Breaking Cybersecurity News | The Hacker News

Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry

Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry

Feb 01, 2023 Gaming / Cyber Attack
A new attack campaign has been targeting the gaming and gambling sectors since at least September 2022, just as the ICE London 2023 gaming industry trade fair event is scheduled to kick off next week. Israeli cybersecurity company Security Joes is tracking the activity cluster under the name  Ice Breaker , stating the intrusions employ clever social engineering tactics to deploy a JavaScript backdoor. The attack sequence proceeds as follows: The threat actor poses as a customer while initiating a conversation with a support agent of a gaming company under the pretext of having account registration issues. The adversary then urges the individual on the other end to open a screenshot image hosted on Dropbox. Security Joes said that the threat actor is "well-aware of the fact that the customer service is human-operated." Clicking the purported screenshot link sent in the chat leads to the retrieval of an LNK payload or, alternatively, a VBScript file as a backup option,
Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa

Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa

Jan 18, 2023 Cyber Threat / Malware
An ongoing campaign dubbed  Earth Bogle  is leveraging geopolitical-themed lures to deliver the NjRAT remote access trojan to victims across the Middle East and North Africa. "The threat actor uses public cloud storage services such as files[.]fm and failiem[.]lv to host malware, while compromised web servers distribute NjRAT," Trend Micro  said  in a report published Wednesday. Phishing emails, typically tailored to the victim's interests, are loaded with malicious attachments to activate the infection routine. This takes the form of a Microsoft Cabinet (CAB) archive file containing a Visual Basic Script dropper to deploy the next-stage payload. Alternatively, it's suspected that the files are distributed via social media platforms such as Facebook and Discord, in some cases even creating bogus accounts to serve ads on pages impersonating legitimate news outlets. The CAB files, hosted on cloud storage services, also masquerade as sensitive voice recordings to e
cyber security

external linkTraditional App Security is No Longer Enough

websitewww.nonamesecurity.comAPI Security
When it comes to ensuring the security of your APIs, there are four critical capabilities.
GuLoader Malware Utilizing New Techniques to Evade Security Software

GuLoader Malware Utilizing New Techniques to Evade Security Software

Dec 26, 2022 Reverse Engineering
Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called  GuLoader  to evade security software. "New shellcode anti-analysis technique attempts to thwart researchers and hostile environments by scanning entire process memory for any virtual machine (VM)-related strings," CrowdStrike researchers Sarang Sonawane and Donato Onofri  said  in a technical write-up published last week. GuLoader, also called  CloudEyE , is a Visual Basic Script (VBS) downloader that's used to distribute remote access trojans such as Remcos on infected machines. It was first detected in the wild in 2019. In November 2021, a JavaScript malware strain dubbed RATDispenser  emerged  as a conduit for dropping GuLoader by means of a Base64-encoded VBScript dropper. Recent GuLoader samples unearthed by CrowdStrike have been found to exhibit a three-stage process wherein the VBScript is designed to deliver a next-stage that performs anti-a
Cybersecurity Resources