-
Police seize over 100 malware loader servers, arrest four cybercriminals
An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC.
- May 30, 2024
- 04:35 AM
1
-
New Latrodectus malware attacks use Microsoft, Cloudflare themes
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
- April 30, 2024
- 06:08 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
New Latrodectus malware replaces IcedID in network breaches
A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023.
- April 04, 2024
- 04:38 PM
- 0
-
Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison
Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups.
- February 15, 2024
- 06:05 PM
- 2
-
New PindOS JavaScript dropper deploys Bumblebee, IcedID malware
Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks.
- June 26, 2023
- 12:39 PM
- 0
-
New IcedID variants shift from bank fraud to malware delivery
New IcedID variants have been found without the usual online banking fraud functionality and instead focus on installing further malware on compromised systems.
- March 27, 2023
- 03:25 PM
- 0
-
How to prevent Microsoft OneNote files from infecting Windows with malware
The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach corporate networks. Here's how to block malicious OneNote phishing attachments from infecting Windows.
- March 05, 2023
- 03:23 PM
- 12
-
Hackers behind IcedID malware attacks diversify delivery tactics
The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets.
- October 10, 2022
- 04:24 PM
- 0
-
Fake copyright complaints push IcedID malware using Yandex Forms
Website owners are being targeted with fake copyright infringement complaints that utilize Yandex Forms to distribute the IcedID banking malware.
- July 07, 2022
- 05:04 PM
- 0
-
Malicious Windows 'LNK' attacks made easy with new Quantum builder
Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack.
- June 23, 2022
- 11:04 AM
- 0
-
Quantum ransomware seen deployed in rapid network attacks
The Quantum ransomware, a strain first discovered in August 2021, were seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react.
- April 25, 2022
- 08:03 AM
- 1
-
Hackers target Ukrainian govt with IcedID malware, Zimbra exploits
Hackers are targeting Ukrainian government agencies with new attacks exploiting Zimbra exploits and phishing attacks pushing the IcedID malware.
- April 14, 2022
- 11:09 AM
- 0
-
Microsoft Exchange targeted for IcedID reply-chain hijacking attacks
The distribution of the IcedID malware has returned to notable numbers thanks to a new campaign that hijacks existing email conversations threads and injects payloads that are hard to spot as malicious.
- March 28, 2022
- 09:32 AM
- 0
-
Prometheus TDS: The $250 service behind recent malware attacks
Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks.
- August 05, 2021
- 09:57 AM
- 0
-
QBot malware is back replacing IcedID in malspam campaigns
Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain.
- April 13, 2021
- 11:38 AM
- 0
-
Attackers deliver legal threats, IcedID malware via contact forms
Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware.
- April 09, 2021
- 01:55 PM
- 0
-
BazarCall malware uses malicious call centers to infect victims
For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware.
- March 31, 2021
- 01:05 PM
- 2
-
Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info
Trickbot trojan continues to evolve as its operators started to deploy a custom proxy module to their victims. The new component is derived from BokBot's code for web injection attacks and works with popular web browsers.
- July 09, 2019
- 11:09 AM
- 0
-
Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees.
- November 20, 2018
- 06:51 PM
- 1
-
New IcedID Banking Trojan Discovered
Malware experts have spotted a new player on the banking trojan scene that they named IcedID and which is currently in its first stages of development.
- November 13, 2017
- 06:00 AM
- 1
