Compromised Exchange Servers Sending Emails to Infect Computers with IcedID Malware

IcedID Info-Stealing Malware Continues to Spread

Compromised Microsoft Exchange servers are sending out emails that appear to be part of an existing email conversation, luring the unsuspecting user into opening an attached password-protected archive or .zip file with the password included in the message; opening the file infects the user’s computer. From that point IcedID phones home to its command-and-control infrastructure and can then be used in a number of ways to continue exploiting the infected computer. Because IcedID has been around for years, there is a good deal of published research on its infection patterns and behaviour.

More details:

The Register – https://www.theregister.com/2022/03/29/icedid_microsoft_exchange_phishing/

The Hacker News – https://thehackernews.com/2022/03/hackers-hijack-email-reply-chains-on.html

BleepingComputer – https://www.bleepingcomputer.com/news/security/microsoft-exchange-targeted-for-icedid-reply-chain-hijacking-attacks/

A Second Chinese Threat Actor Identified In Ukraine CyberAttacks

“Scarab”, a Chinese-speaking threat actor, has been identified attacking Ukraine using a backdoor named “HeaderTip” in spear-phishing campaigns.

The Hacker News – “Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion” : https://thehackernews.com/2022/03/another-chinese-hacking-group-spotted.html

The Record – “Researchers tie Ukraine cyber intrusion attempt to suspected Chinese threat actor ‘Scarab’” : https://therecord.media/researchers-tie-ukraine-cyber-intrusion-attempt-to-suspected-chinese-threat-actor-scarab/

Google Emergency Patches Chrome’s 0-Day

Google responded quickly to an actively exploited Chrome zero-day bug, shutting down the attacks observed from two North Korean threat groups.

BleepingComputer – “Emergency Google Chrome update fixes zero-day used in attacks” : https://www.bleepingcomputer.com/news/security/emergency-google-chrome-update-fixes-zero-day-used-in-attacks/

Ransomware Gangs and Hackers Voice Their Chosen Side Between Russia and Ukraine

Events like these truly show how much war has evolved in the cyber realm.

BleepingComputer – “Ransomware gangs, hackers pick sides over Russia invading Ukraine”: https://www.bleepingcomputer.com/news/security/ransomware-gangs-hackers-pick-sides-over-russia-invading-ukraine/

Ukraine Reaches Out For Help In Cyber Defense Meanwhile Anonymous Takes Action Against Russia

Ukraine has sent out calls for help from cyber defenders to protect its infrastructure. Ukrainian troops are being targeted by phishing attacks, in apparent attempts to gather sensitive data and contact information. Meanwhile, after some of Russia’s internet sites became unreachable during Russia’s invasion of Ukraine, Anonymous claimed responsibility for the denial-of-service attacks. Anonymous has proclaimed it will continue its cyber attacks against the Kremlin under #OpRussia.

Security Affairs – “Anonymous launched its offensive on Russia in response to the invasion of Ukraine”: https://securityaffairs.co/wordpress/128392/hacktivism/anonymous-cyber-attacks-russia.html

Infosecurity Magazine – “Anonymous Hacking Group Declares “Cyber War” Against Russia”: https://www.infosecurity-magazine.com/news/anonymous-hacking-group-cyber-war/

ZDNet – “Report: Ukraine calls for volunteer hackers to protect critical infrastructure”: https://www.zdnet.com/article/ukraine-calls-for-underground-hackers-to-protect-critical-infrastructure-report/

BitDefender – “Ukraine calls for volunteer hackers to protect its critical infrastructure and spy on Russian forces”: https://www.bitdefender.com/blog/hotforsecurity/ukraine-calls-for-volunteer-hackers-to-protect-its-critical-infrastructure-and-spy-on-russian-forces/

DarkReading – “Ukrainian Troops Targeted in Phishing Attacks by Suspected Belarusian APT”: https://www.darkreading.com/endpoint/ukrainian-troops-targeted-in-phishing-attacks-by-suspected-belarusian-apt

Happy Valentine’s Day

Happy Valentine’s Day! 💝

While enjoying this special day, please practice caution in the cyber realm. Threat groups are actively targeting and phishing users.

“Don’t let scammers ruin your Valentine’s Day” via the Threat Intelligence Team @ Malwarebytes Blog https://blog.malwarebytes.com/threat-analysis/social-engineering-threat-analysis/2022/02/dont-let-scammers-ruin-your-valentines-day/

#valentinesday #cyberthreat #phishing #scam #socialengineering #cybersecurity #cybercrime #technology #tech