malware evolution – Experimental News Clipping Site

Threat Research Archives – Unit 42: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector

Mar 10, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/macos-malware-targets-crypto-sector/ Source: Threat Research Archives – Unit 42 Title: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector Feedly Summary: AI Summary and Description: Yes Summary: The text details a significant malware campaign targeting macOS systems, notably linked to North Korean nation-state actors employing advanced…

Unit 42: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware

Feb 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138311 Source: Unit 42 Title: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware Feedly Summary: Unit 42 details the just-discovered connection between threat group Stately Taurus (aka Mustang Panda) and the malware Bookworm, found during analysis of the group’s infrastructure. The post Stately Taurus Activity in Southeast Asia Links to Bookworm…

Cloud Blog: Using capa Rules for Android Malware Detection

Feb 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/capa-rules-android-malware-detection/ Source: Cloud Blog Title: Using capa Rules for Android Malware Detection Feedly Summary: Mobile devices have become the go-to for daily tasks like online banking, healthcare management, and personal photo storage, making them prime targets for malicious actors seeking to exploit valuable information. Bad actors often turn to publishing and distributing malware…

The Register: Pixel perfect Ghostpulse malware loader hides inside PNG image files

Oct 22, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/22/ghostpulse_malware_loader_png/ Source: The Register Title: Pixel perfect Ghostpulse malware loader hides inside PNG image files Feedly Summary: Miscreants combine it with an equally tricky piece of social engineering The Ghostpulse malware strain now retrieves its main payload via a PNG image file’s pixels. This development, security experts say, is “one of the most…

Cisco Talos Blog: UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants

Oct 17, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/uat-5647-romcom/ Source: Cisco Talos Blog Title: UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants Feedly Summary: By Dmytro Korzhevin, Asheer Malhotra, Vanja Svajcer and Vitor Ventura. Cisco Talos has observed a new wave of attacks active since at least late 2023, from a Russian speaking group we track as “UAT-5647”, against Ukrainian…

Tag: malware evolution

Threat Research Archives – Unit 42: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector

Unit 42: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware

Cloud Blog: Using capa Rules for Android Malware Detection

The Register: Pixel perfect Ghostpulse malware loader hides inside PNG image files

Cisco Talos Blog: UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants