#information-stealer

[ follow ]
#malware #crescentharvest #remote-access-trojan #iran-protests #vs-code-extensions #supply-chain-attack
fromThe Hacker News
1 week ago

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

The campaign exploits recent geopolitical developments to lure victims into opening malicious .LNK files disguised as protest-related images or videos, researchers Subhajeet Singha, Eliad Kimhy, and Darrel Virtusio said in a report published this week. These files are bundled with authentic media and a Farsi-language report providing updates from 'the rebellious cities of Iran.' This pro- protest framing appears to be intended to increase credibility and to attract Farsi-speaking Iranians seeking protest-related information.
Information security
Information security
fromThe Hacker News
1 month ago

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Evelyn Stealer uses malicious VS Code extensions to infect developer environments, steal credentials and crypto data, and enable deeper organizational access.
Information security
fromThe Hacker News
4 months ago

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Rhadamanthys stealer operates as a professional MaaS with advanced fingerprinting and OCR, tiered paid packages, and related tools marketed under a rebranded cybercrime business.
Information security
fromThe Hacker News
5 months ago

TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies

A malvertising campaign distributes a trojanized AppSuite PDF Editor that installs the TamperedChef information stealer and establishes persistence via Windows Registry.
fromThe Hacker News
6 months ago

Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures

The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement notices, tailored with reconnaissance-derived details like specific Facebook Page IDs and company ownership information.
Information security
[ Load more ]