Tag: macos

Malware campaign attacks 300 organizations

Throughout June and August of this year, a sophisticated off-the-shelf malware campaign targeted over 300 organizations. According to cybersecurity company CrowdStrike, the campaign deployed SHAMOS, a malware variant of Atomic macOS Stealer (AMOS) developed by cybercriminal group COOKIE SPIDER. 


MacOS users targeted by ‘infostealer’ malware

Apple computer users are suffering a growing number of ‘infostealer’ attacks across multiple regions and industries. Infostealers are a form of malicious software created to breach computer systems in order to steal sensitive information. The Palo Alto Networks Unit42 research group has detected a 101 percent increase in macOS infostealers in the last two quarters of 2024. The researchers identified three particularly prevalent macOS infostealers: Poseidon, Atomic, and Cthulhu. Atomic Stealer, also known as AMOS, was first discovered in April 2023. Its developers sell it as malware as a service (MaaS) in hacker forums and on Telegram. The Atomic Stealer operators usually distribute their malware via malvertising, the use of online advertising to spread malware. This typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. Atomic Stealer is capable of stealing notes and documents, browser data such as passwords and cookies, cryptocurrency wallets, and instant messaging data.


Officials Take Down the “911 S5 botnet” – May 30th

A US-led law enforcement sting operation against the global '911 S5 botnet' network was a major success. The 911 S5 botnet network of millions of compromised Windows computers was used to facilitate cyber-attacks, fraud, and child exploitation, among other illicit activities.


Zscaler Clarifies, Only The Test Server Was Compromised – May 14th

In its investigation of the hacking claims, Zscaler concluded that only an isolated test environment was compromised. The investigation came after a hacker named 'IntelBroker' confirmed that he had breached Zscaler, offering to sell its data for $20K. The incident investigation is now also being conducted with Europol.


Boeing Discloses $200M Ransomware Attempt – May 13th

Boeing made a significant disclosure: the LockBit ransomware group targeted the company and demanded a staggering $200M extortion payment. Boeing did not pay LockBit a ransom, despite 43 GB of company data being leaked on the ransomware group's website in November 2023. Boeing is now in contact with the FBI to mitigate the breach.


Millions of AT&T Data at Risk from Data Breach – April 1st

AT&T sent out a mass announcement to its customers, informing them that a dataset containing sensitive data from 7.6M current users and 65.4M former users is for sale on the dark web. To mitigate the breach, AT&T reset the passcodes of all its current users and will constantly communicate with customers to further protect accounts.


Exfiltrated Info Automatically Spread on Discord Bot Channel – January 23rd

According to an analysis published by Trellix security researcher Gurumoorthi Ramanathan, the "NS-STEALER" malware, distributed via a hidden ZIP file, could lead to captured data being automatically displayed on the Discord bot channel "EventListener". When deployed onto a user's system, "NS-STEALER" can automatically collect screenshots, cookies, credentials, autofill data, and system information from web browsers.
