computer virus | Breaking Cybersecurity News | The Hacker News

The Dridex banking trojan that is widely being used by cyber criminals to distribute malware onto users' machines has now been found distributing a security software. A portion of the Dridex banking Trojan botnet may have been hacked or compromised by an unknown Whitehat Hacker, who replaced the malicious links with  Avira Antivirus  installers. What is Dridex Banking Trojan? How it Works? Dridex malware – also known as Bugat and Cridex – is believed to have been created by cyber criminals in Eastern Europe in an effort to harvest online banking details. Even after a high-profile takedown operation in late 2015, the Dridex botnet seems to be active again. The Dridex virus typically distributes itself through spam messages or emails that include malicious attachments, most often a Microsoft Office file or Word document integrated with malicious macros. Once the malicious file has been clicked, the macros download and install the main payload of the virus – th

You should be very careful while visiting websites on the Internet because you could be hit by a new upgrade to the World's worst Exploit Kit – Angler , which lets hackers develop and conduct their own drive-by attacks on visitors' computers with relative ease. Many poorly-secured websites are targeting Windows users with a new "Cocktail" of malware that steals users' passwords before locking them out from their machines for ransom. Yes, stealing Windows users' passwords before encrypting their data and locking their PCs for ransom makes this upgrade to the Angler Exploit Kit nastier. Here's How the New Threat Works: Once the Angler exploit kit finds a vulnerable application, such as Adobe Flash, in visitor's computer, the kit delivers its malicious payloads, according to a blog post published by Heimdal Security. The First Payload infects the victim's PC with a widely used data thief exploit known as Pony that systematic

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Security researchers at Symantec have uncovered a new Backdoor Trojan that grants hackers remote access and some control over infected machines. " Duuzer ," as dubbed by the researchers, has been targeting organizations in South Korea and elsewhere in an attempt to steal valuable information. The Trojan is designed to infect both 32-bit and 64-bit computers running Windows 7, Windows Vista, and Windows XP. Duuzer gives attackers remote access to the compromised computer, allowing them to: Collect system and drive information Create, enumerate, and end processes Access, modify and delete files Upload and Download additional files Change the time attributes of files Execute malicious commands Steal data from infected system Know about victim's Operating System Duuzer Infects via Spear Phishing or Watering Hole Attacks It is currently unclear how the malware is being distributed, but according to Symantec Researchers, the most obvious routes ar

Security researchers have uncovered a new piece of Adware that replaces your entire browser with a dangerous copy of Google Chrome , in a way that you will not notice any difference while browsing. The new adware software, dubbed " eFast Browser ," works by installing and running itself in place of Google Chrome The adware does all kinds of malicious activities that we have seen quite often over the years: Generates pop-up, coupon, pop-under and other similar ads on your screen Placing other advertisements into your web pages Redirects you to malicious websites containing bogus contents Tracking your movements on the web to help nefarious marketers send more crap your way to generating revenue Therefore, having eFast Browser installed on your machine may lead to serious privacy issues or even identity theft. What's Nefariously Intriguing About this Adware? The thing that makes this Adware different from others is that instead of taking contr

A network of compromised Linux servers has grown so powerful that it can blow large websites off the Internet by launching crippling Distributed Denial-of-service (DDoS ) attacks of over 150 gigabits per second (Gbps). The distributed denial-of-service network, dubbed XOR DDoS Botnet , targets over 20 websites per day , according to an advisory published by content delivery firm Akamai Technologies. Over 90 percent of the XOR DDoS targets are located in Asia, and the most frequent targets are the gaming sector and educational institutions. XOR creator is supposed to be from China, citing the fact that the IP addresses of all Command and Control (C&C) servers of XOR are located in Asia, where most of the infected Linux machines also reside. How XOR DDoS Botnet infects Linux System? Unlike other DDoS botnets , the XOR DDoS botnet infects Linux machines via embedded devices such as network routers and then brute forces a machine's SSH service to gain ro

Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware . One of the most popular Chinese computer manufacturers 'Lenovo' has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells. The feature is known as " Lenovo Service Engine " (LSE) – a piece of code presents into the firmware on the computer's motherboard.  If Windows is installed, the LSE automatically downloads and installs Lenovo's own software during boot time before the Microsoft operating system is launched, overwriting Windows operating system files. More worrisome part of the feature is that it injects software that updates drivers, firmware, and oth

Last Week someone just hacked the infamous Hacking Team , The Italy-based cyber weapons manufacturer and leaked a huge trove of 400GB internal data , including: Emails Hacking tools Zero-day exploits Surveillance tools Source code for Spyware A spreadsheet listing every government client with date of purchase and amount paid Hacking Team is known for its advanced and sophisticated Remote Control System (RCS) spyware , also known as Galileo , which is loaded with lots of zero-day exploits and have ability to monitor the computers of its targets remotely. Today, Trend Micro security researchers found that the Hacking Team " uses a UEFI  (Unified Extensible Firmware Interface)  BIOS Rootkit to keep their Remote Control System (RCS) agent installed in their targets' systems ." That clearly means, even if the user reinstalls the Operating System, formats the hard disk, and even buys a new hard disk, the agents are implanted after Microsoft Windows is

Security firm Trend Micro has identified a 20-year-old Brazilian college student responsible for developing and distributing over 100 Banking Trojans selling each for around US$300 . Known online as ' Lordfenix ', ' Hacker's Son ' and ' Filho de Hacker ', the computer science student first began his career by posting in forums, asking for programming help for a Trojan he was developing, researchers said. Developed More than 100 Trojans However, Lordfenix has "grown quite confident in his skills" and began developing and distributing malware tailored to pilfer financial information since at least 2013. "Based on our research, Lordfenix has created more than 100 different banking Trojans , not including his other malicious tools, since April 2013," Trend Micro says . "With each Trojan costing around R$1,000 (roughly $320), this young cybercriminal channeled his talent in programming into a lucrative, illegal venture." Trend Mi

A Swedish man who was the mastermind behind the $40 BlackShades Remote Access Tool (RAT) that infected over half a million systems around the world was sentenced to almost five years in a U.S. prison on Tuesday. Alex Yücel , 25, owned and operated an organization called "BlackShades" that sold a sophisticated and notorious form of software, called RAT, to several thousands of hackers and other people in more than 100 countries for prices ranging from $40 to $50. BlackShades malware was designed to capture keystrokes, steal usernames and passwords for victims' email and Web services, FTP clients, instant messaging applications, and lots more. In the worst case, the malicious software even allowed hackers to take remote control of victim's computer and webcam to pilfer photos or videos without the knowledge of the computer owner. Yucel (a.k.a. " marjinz ") was sentenced to four and three-quarter years in prison by U.S. District Judge Kev

U.S. and European law enforcement agencies have shut down a highly sophisticated piece of the botnet that had infected more than 12,000 computers worldwide , allowing hackers to steal victims' banking information and other sensitive data. The law enforcement agencies from the United States, United Kingdom and the European Union conducted a joint operation to get rid of the botnet across the globe and seized the command-and-control server that had been used to operate the nasty Beebone (also known as AAEH ) botnet . What's a Botnet? A botnet is a network of large number of computers compromised with malicious software and controlled surreptitiously by hackers without the knowledge of victims. Basically, a "botnet" is a hacker's "robot" that does the malicious work directed by hackers. Hackers and Cyber Criminals have brushed up their hacking skills and started using Botnets as a cyber weapon to carry out multiple crimes such as DDoS attacks

It seems like the world has declared war against the Cyber Criminals. In a recent update, we reported that FBI is offering $3 Million in Reward for the arrest of GameOver Zeus botnet mastermind, and meanwhile British cyber-police has taken down widely-spread RAMNIT botnet . The National Crime Agency (NCA) in a joint operation with Europol's European Cybercrime Centre (EC3) and law enforcement agencies from Germany, Italy, the Netherlands, and the United Kingdom has taken down the Ramnit "botnet", which has infected over 3.2 million computers worldwide, including 33,000 in the UK. Alike GameOver Zeus, RAMNIT is also a ' botnet ' - a network of zombie computers which operate under criminal control for malicious purposes like spreading viruses, sending out spam containing malicious links, and carrying out distributed denial of service attacks (DDoS) in order to bring down target websites. RAMNIT believes to spread malware via trustworthy links se

It's better for smokers to quit smoking. Are you using electronic cigarettes (E-cigarettes) instead normal ones?? Still, you should quit your smoking habit, because it not only damages your health, but could pose a danger risk to the health of your computer. E-cigarettes have become the latest vector for hackers to distribute malicious software. E-cigarettes manufactured in China are reportedly being used to spread malware via a USB port to computers when users plug in for charging it up. The report broke when an executive at a "large corporation" had been infected with malware from an undetermined source after he quit smoking and switched to e-cigarettes made in China, detailed a recent post to social news forum Reddit . Further investigating the matter, he found that the chargers of the e-cigarettes - bought from the online auction site eBay for $5 - are hard-coded with the malware that infected his workstation despite having latest virus and anti m

Human rights experts and Privacy International have launched a free tool allowing users to scan their computers for surveillance spyware, typically used by governments and other organizations to spy on human rights activists and journalists around the world. This free-of-charge anti-surveillance tool, called Detekt , is an open source software app released in partnership with Human rights charity Amnesty International, Germany's Digitale Gesellschaft, the Electronic Frontier Foundation ( EFF ) and Privacy International, in order to combat government surveillance. NEED AN EYE FOR AN EYE The global surveillance carried out by the US National Security Agency (NSA) and other government agencies recently disclosed by the former NSA contractor Edward Snowden shed light on just how far our own government can go to keep track of citizens, whether innocent or otherwise. Therefore, such tool will help them see if their devices have been infected by any spyware. Detekt was dev

It's been almost two weeks since the WireLurker malware existence was revealed for the first time, and Chinese authorities have arrested three suspects who are allegedly the authors of the Mac- and iOS-based malware that may have infected as many as hundreds of thousands of Apple users. The Beijing Bureau of Public security has announced the arrest of three suspects charged with distributing the WireLurker malware through a popular Chinese third-party online app store. The authorities also say the website that was responsible for spreading the malware has also been shut down. "WireLurker" malware was originally discovered earlier this month by security firm Palo Alto Networks targeting Apple users in China. The malware appeared as the first malicious software program that has ability to penetrate the iPhone's strict software controls. The main concern to worry about this threat was its ability to attack non-jailbroken iOS devices. Once a device infected

A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users' social and banking site credentials. Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine giant, Google said that Gmail credentials didn't come from the security breaches of its system, rather the credentials had been stolen by phishing campaigns and unauthorized access to user accounts. Just now, we come across another similar incident where cyber criminals are using a malware which has already compromised thousands of Windows users worldwide in an effort to steal their Social Media account, Online account and Banking account Credentials. A Greek Security Researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), targeting large number of computers users rapidly. He investigated and posted a detailed technical analyses of

Cyber criminals have exploited the power of two online advertising networks, Google's DoubleClick and popular Zedo advertising agency , to deliver malicious advertisements to millions of internet users that could install malware on a user's computer. A recent report published by the researcher of the security vendor Malwarebytes suggests that the cyber criminals are exploiting a number of websites, including The Times of Israel, The Jerusalem Post and the Last.fm music streaming website, to serve malicious advertisements designed to spread the recently identified Zemot malware . Malvertising is not any new tactic used by cybercriminals, but Jerome Segura, a senior security researcher with Malwarebytes, wrote in a blog post that his company " rarely see attacks on a large scale like this. " "It was active but not too visible for a number of weeks until we started seeing popular sites getting flagged in our honeypots," Segura wrote. "That's