Tag: command-and-control servers
-
Hacker News: Exposing Russian EFF Impersonators: The Inside Story on Stealc and Pyramid C2
Source URL: https://hunt.io/blog/russian-speaking-actors-impersonate-etf-distribute-stealc-pyramid-c2
Summary: The text provides an in-depth analysis of a cyber attack targeting the online gaming community, specifically through impersonation of the Electronic Frontier Foundation (EFF) to conduct phishing…
-
Unit 42: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector
Source URL: https://unit42.paloaltonetworks.com/?p=138378
Summary: Koi Stealer and RustDoor malware were used in a campaign linked to North Korea. This activity targeted crypto wallet owners.
-
Schneier on Security: FBI Deletes PlugX Malware from Thousands of Computers
Source URL: https://www.schneier.com/blog/archives/2025/01/fbi-deletes-plugx-malware-from-thousands-of-computers.html
Summary: According to a DOJ press release, the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based computers and networks.” Details: To retrieve information from and send commands to the hacked machines, the malware…
-
Cloud Blog: Backscatter: Automated Configuration Extraction
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/backscatter-automated-configuration-extraction/
Written by: Josh Triplett
Summary: Backscatter is a tool developed by the Mandiant FLARE team that aims to automatically extract malware configurations. It relies on static signatures and emulation to extract this information without dynamic execution, bypassing anti-analysis logic present in…
-
The Register: Swiss cheesed off as postal service used to spread malware
Source URL: https://www.theregister.com/2024/11/16/swiss_malware_qr/
Subtitle: QR codes arrive via an age-old delivery system
Summary: Switzerland’s National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country’s postal service.…