#dataTheft

2025-05-04

StealC v2 is rewriting the rules of cyberattack—with stealth upgrades, multi-method payloads, and even real-time alerts via Telegram. Are your defenses ready for a subscription-based cyber weapon that's as adaptable as it is dangerous?

thedefendopsdiaries.com/stealc

#stealc
#malware
#cybersecurity
#infosec
#datatheft

2025-05-01

Fake Social Security Statement emails trick users into installing remote tool

A phishing campaign is targeting users with fake emails purportedly from the US Social Security Administration. These emails aim to trick recipients into installing ScreenConnect, a legitimate remote access tool that can be misused by cybercriminals. The campaign, attributed to a group called Molatori, sends emails with links to download the ScreenConnect client under misleading names. Once installed, attackers can remotely access the victim's computer, potentially leading to data theft and financial fraud. The campaign is difficult to detect due to the use of compromised WordPress sites for sending emails, image-based content to evade filters, and the legitimacy of the ScreenConnect application itself.

Pulse ID: 68133275aea46cd7781eec41
Pulse Link: otx.alienvault.com/pulse/68133
Pulse Author: AlienVault
Created: 2025-05-01 08:36:05

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #DataTheft #ELF #Email #FinancialFraud #InfoSec #Mac #OTX #OpenThreatExchange #Phishing #RAT #RDP #ScreenConnect #Word #Wordpress #bot #AlienVault

2025-04-30

HANNIBAL Stealer: A Rebranded Threat Born from Sharp and TX Lineage

The Hannibal Stealer is a sophisticated information stealer targeting Chromium and Gecko-based browsers, developed in C# and operating on the .NET Framework. It bypasses Chrome Cookie V20 protection and steals data from cryptocurrency wallets, FTP clients, VPNs, and messaging apps. The malware performs system profiling, captures screenshots, and exfiltrates targeted files. It includes a crypto clipper module and is controlled via a dedicated C2 user panel. Advertised on various forums, it employs geofencing, domain-matching, and comprehensive data theft techniques. The stealer is likely a rebranded version of earlier SHARP and TX Stealers, with minimal innovation beyond updated communication methods.

Pulse ID: 6811dd434197b551215abaf3
Pulse Link: otx.alienvault.com/pulse/6811d
Pulse Author: AlienVault
Created: 2025-04-30 08:20:19

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #Chrome #CyberSecurity #DataTheft #InfoSec #Malware #NET #Nim #OTX #OpenThreatExchange #RAT #Troll #VPN #bot #cryptocurrency #AlienVault

2025-04-24

SnakeKeylogger – A Multistage Info Stealer Malware Campaign

This analysis explores a sophisticated malware campaign utilizing SnakeKeylogger, a credential-stealing threat. The attack begins with malicious spam emails containing disguised attachments. The infection chain involves multiple stages, including encrypted payload delivery, process hollowing, and stealthy execution. SnakeKeylogger targets various applications to harvest sensitive data, including web browsers, email clients, and FTP software. The malware employs advanced evasion techniques such as obfuscation and memory injection. It specifically targets Microsoft Outlook profiles and Wi-Fi credentials. The campaign demonstrates a structured approach with regular payload updates and abuse of legitimate servers for distribution. This threat poses significant risks for data theft and potential business email compromise.

Pulse ID: 680a3f63bd3d072221e25eba
Pulse Link: otx.alienvault.com/pulse/680a3
Pulse Author: AlienVault
Created: 2025-04-24 13:40:51

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CyberSecurity #DataTheft #Email #InfoSec #KeyLogger #Malware #Microsoft #OTX #OpenThreatExchange #Outlook #RAT #SnakeKeylogger #Spam #bot #AlienVault

2025-04-18

DPP Law, a firm in the United Kingdom, didn't think a data theft was worth reporting to the authorities.

#law #cyberattack #cybersecurity #datatheft #datasecurity

cnews.link/law-firm-data-breac

2025-04-16

Malicious JScript Loader Jailbroken to Uncover Xworm Payload Execution Flow

A new malware campaign has been identified leveraging JScript and obfuscated PowerShell commands to deliver highly evasive malware variants XWorm and Rhadamanthys. These threats are distributed using fileless techniques, making them extremely difficult to detect using traditional antivirus solutions. The campaign primarily targets Windows environments and utilizes scheduled tasks or deceptive ClickFix CAPTCHA screens to trick users into executing malicious payloads. Such loaders are often seen in enterprise environments, where attackers aim to infiltrate business systems for espionage, data theft, or financial gain.

Pulse ID: 67fef516074ec94b68f3a8e7
Pulse Link: otx.alienvault.com/pulse/67fef
Pulse Author: cryptocti
Created: 2025-04-16 00:08:54

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CAPTCHA #CyberSecurity #DataTheft #Espionage #InfoSec #Malware #OTX #OpenThreatExchange #PowerShell #RAT #Rhadamanthys #Windows #Worm #XWorm #bot #cryptocti

2025-04-14

Ouch, that Hertz

"Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks."

bleepingcomputer.com/news/secu

#datatheft #breach #cybersecurity

2025-04-09

Beware! Fake 'NextGen mParivahan' Malware Returns

A new variant of the fake NextGen mParivahan malware has emerged, exhibiting enhanced stealth and data theft capabilities. The malware, disguised as a government traffic notification system, tricks users into downloading a malicious app that requests extensive permissions. This latest version targets messages from social media, communication, and e-commerce apps, posing a greater threat to user privacy. It employs advanced techniques such as malformed APKs, multi-stage dropper-payload architectures, and dynamic C2 generation to evade detection. The malware steals sensitive data, including SMS messages and notification content, uploading it to Firebase or a C2 server. Its ability to access notifications, SMS, and app data significantly risks user privacy, highlighting the need for improved security awareness and analysis tools.

Pulse ID: 67f6b1c771e854bfa88f7cfd
Pulse Link: otx.alienvault.com/pulse/67f6b
Pulse Author: AlienVault
Created: 2025-04-09 17:43:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#APK #CyberSecurity #DataTheft #Government #InfoSec #Malware #OTX #OpenThreatExchange #Privacy #RAT #RCE #SMS #SocialMedia #bot #AlienVault

2025-04-09

A company producing goods for #consumer and/or #enterprises, putting them #Online and #stealing their #data, has no respect towards the customers and should be blown off the market. Furthermore, if they steal without info, they should be fined really hard!

This affects #car manufacturers in the same way as the ones of mobiles, computers and so-called smart devices.

We definitely should fight hard against people stealing our data!

#MassSurveilance #datatheft #privacy #security #selfhosing #foss

2025-04-08

@bignose @ebay Yet more #Enshitification from #ThievingFucks. This time it's #Ebay merrily engaging in #DataTheft with a sneaky BS account feature release.

#OptOut of #garbage #AI training using your account data Now!

2025-04-07

Vidar Stealer: Infostealer malware discovered in Steam game

A recent analysis uncovered a sophisticated deployment of Vidar Stealer, an infamous information-stealing malware, disguised as a legitimate Microsoft Sysinternals tool, BGInfo.exe. The malware, found with an expired Microsoft signature, was significantly larger than the original file and contained modified initialization routines. It creates virtual memory allocations to execute its malicious code, ultimately extracting and running Vidar Stealer. This variant maintains its core functionalities, including credential theft, cryptocurrency wallet targeting, session hijacking, and cloud data theft. The incident highlights the evolving tactics of cybercriminals, emphasizing the need for vigilant threat hunting and proactive security measures.

Pulse ID: 67f42a4eca9270b211468d90
Pulse Link: otx.alienvault.com/pulse/67f42
Pulse Author: AlienVault
Created: 2025-04-07 19:41:02

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CyberSecurity #DataTheft #ICS #InfoSec #InfoStealer #Malware #Microsoft #OTX #OpenThreatExchange #Steam #Vidar #bot #cryptocurrency #AlienVault

Oshawa, Ont., man charged after allegedly stealing, leaking Texas Republican Party data
An Ontario man is facing charges in an alleged theft and leak of Texas Republican Party data in 2021. The accused gained unauthorized access to a third-party hosting company's computer system to "deface and download a backup of Texas Republican Party's...
#Politics #Crime #DataTheft #Oshawa #Texas #Ontario
cbc.ca/news/canada/toronto/osh

How to get in on the new class-action Dell lawsuit settlement in Canada
Thousands of Canadians will soon be able to claim part of a recently approved settlement in a class-action lawsuit against Dell. A representative from the law firm Wagners confirmed over email that a $2.1 million settlement was approved in the Nova Scotia Supreme Court on Feb. 27, 2...
#lawsuit #settlement #datatheft #Canada #NovaScotia
blogto.com/tech/2025/02/get-in
