Back in mid-2018, Trend Micro researchers revealed a campaign that was targeting Japanese- and Korean-speaking users with a trojan, or more precisely an infostealer, named FakeSpy. The campaign posed to the end user as a legitimate banking app but ended up delivering a trojan to the target user's device. Following up on that campaign, researchers from Cybereason today revealed that it has been revived with more capabilities for affecting its users. The campaign is no longer targeting only Korean users; it is affecting users all around the world, especially in countries like China, Taiwan, France, Switzerland, Germany, the United Kingdom, the United States, and others. This campaign targets its users…
-
THANATOSCRYPT IS EXPLOITING BLUEKEEP VULNERABILITY TO MINE CRYPTO FROM YOUR SYSTEMS
A few days ago, Ethical Debuggers presented how Chinese hackers are attacking servers to mine cryptocurrency from them. Today, we are presenting a similar campaign, currently ongoing, that mines cryptocurrency from your systems. It was found by the Tencent Security Intelligence Team. This time the hackers used a simple technique to attack your systems: the BlueKeep vulnerability, which was discovered in early May, a year ago. It is a vulnerability in Microsoft's Remote Desktop Protocol that allows an attacker to execute arbitrary code after exploitation. It was regarded as one of the high-risk vulnerabilities and is tracked as CVE-2019-0708. On 6 September 2019, Metasploit launched…
-
THIS RATKing WILL EAT UP YOUR PRIVACY
RATKing is an animal which consists of a collection of rats with entwined tails. Some researchers found a new group that attacks its victims with a variety of trojans, and it was therefore named RATKing. Researchers have been watching this group since late May. Let's analyse the anatomy of this attack.
ANATOMY OF THE ATTACK
The attacker uses a simple technique, phishing, to attack the victim. The attacker first sends the victim an email that convinces them to download a file purporting to be a PDF; it is actually a VBScript that is used as the first process in the generation of…
-
DARK CREW FRIENDS ARE ATTACKING THE SITES USING CMS. HOW IS YOUR SITE DEVELOPED?
During this worldwide lockdown, many people have launched their own websites to entertain people. Many of them used a Content Management System (CMS) like WordPress to create their site. The simple reason behind this is that a CMS automates tasks and saves time and money as well. But what about the security and privacy of our website? Many users think that setting up a web application firewall can protect their site from all attacks, but beware! Hackers are smarter than us. They don't waste their time where we have already taken precautions; instead they attack the vulnerabilities we are unaware of. Some researchers from Check Point have explored the…
-
CHINESE GOLDEN SPY MALWARE IN THE NAME OF GOLDEN TAX DEPARTMENT
In this new era of increasing attacks, new malware is taking new forms to exploit big firms. The coronavirus has caused damage to many organisations. The controversy about China and its cyber attacks, when they targeted an Australian firm, still frightens everyone. Being attacked physically and socially, Chinese cyber criminals have not stopped their reign of cyber terror. While researching their cyber attacks, some researchers from Trustwave SpiderLabs have discovered a new malware family operating in China, named GoldenSpy, which is attacking corporations in the guise of tax payment software, making them install software that contains a backdoor which allows attackers to get…