Tag: hacker news

Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps

Threat actors are using Android's WebAPK technology to lure unwary users into installing malicious web apps that are intended to collect sensitive personal information on Android phones. According to analysts from CSIRT KNF, the attack started when victims received SMS messages advising them to upgrade a mobile banking application. "The message's link pointed to a page where WebAPK technology was being used to install a malicious application on the victim's device." The program poses as PKO Bank Polski, a major international provider of banking and financial services with its headquarters in Warsaw. RIFFSEC, a Polish cybersecurity company, was the first to reveal information about the campaign ...
Gamaredon hackers start stealing data 30 minutes after a breach

The Gamaredon hackers operate in quick attacks and can take data from compromised computers in less than an hour, according to a warning from Ukraine's Computer Emergency Response Team (CERT-UA). Cybersecurity researchers have connected Gamaredon, also known as Armageddon, UAC-0010, and Shuckworm, to the Russian Federal Security Service and have noted that some of its members are former SSU officials who defected to Russia in 2014. Threat actors are thought to be behind thousands of attacks against the Ukrainian government and other important public and private organizations since the beginning of the Russian invasion ...
Hackers Steal $20 Million by Exploiting Flaw in Revolut’s Payment Systems

Early in 2022, malicious actors took advantage of an undiscovered weakness in Revolut's payment infrastructure to steal more than $20 million from the business. The Financial Times reported the situation and cited numerous unnamed sources who were aware of the occurrence. The breach hasn't been made publicly known. The problem was caused by differences between Revolut's European and American systems, which led to funds being mistakenly repaid with company funds when some transactions were denied ...
Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

Spear-phishing attempts that infect Windows and macOS operating systems with malware have been connected to the Iranian nation-state actor known as TA453. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho," Proofpoint claimed in recent research. "When given the chance, TA453 transferred its malware and tried to start a NokNok infection chain with an Apple flavor. Additionally, TA453 used multiple persona impersonations in its never-ending spying mission ...
Mexico-Based Hacker Targets Global Banks with Android Malware

An Android mobile malware campaign that targeted financial institutions worldwide between June 2021 and April 2023, with a concentration on Spanish and Chilean banks, has been traced to an e-crime actor of Mexican descent. Security analyst Pol Thill believes the Neo_Net actor is responsible for the activities. Following a malware research challenge in conjunction with vx-underground, SentinelOne disclosed the results. By tailoring their infrastructure to specific targets, Neo_Net has achieved a high success rate despite using relatively simple tools. This has led to the theft of over 350,000 EUR from victims' bank accounts and the compromise of thousands of victims' Personally Identifiable Information ...
Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX

In order to install the PlugX remote access trojan on compromised systems, a Chinese nation-state group has been seen targeting foreign affairs ministries and embassies throughout Europe. The SmugX operation, according to cybersecurity company Check Point, has been going on since at least December 2022. According to Check Point, "the campaign leverages novel delivery mechanisms to deploy (most notably - HTML Smuggling) a new variation of PlugX, an implant frequently connected to numerous Chinese threat actors. Although the payload itself resembles those of earlier PlugX variations ...
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

Up to 200,000 WordPress websites could be targeted by continuing assaults that take advantage of a serious unpatched security flaw in the Ultimate Member plugin. All versions of the Ultimate Member plugin, including the most recent version (2.6.6) that was released on June 29, 2023, are affected by the vulnerability, tracked as CVE-2023-3460 (CVSS score: 9.8). A well-liked plugin called Ultimate Member makes it easier to create user profiles and communities on WordPress websites. Additionally, it offers account administration capabilities. "This is a very serious issue: unauthenticated attackers may exploit this vulnerability to create new user accounts with administrative privileges ...
Russian satellite telecom Dozor allegedly hit by hackers

Hackers associated with the private military company (PMC) Wagner are thought to have attacked Dozor-Teleport, a Russian satellite communications company used by the nation's Ministry of Defence and security services. Users' terminals were damaged as attackers focused on the infrastructure of the satellite communication provider. Hackers may have seriously harmed client equipment and the network core, according to pro-Ukrainian hacker and malware historian Herm1t. The Dozor network has been offline since 2:00 AM UTC, according to the Internet Outage Detection and Analysis (IODA) project, run by the Internet Intelligence Research Lab ...
North Korean Hacker Group Andariel Strikes with EarlyRat Malware

A previously unknown piece of malware named EarlyRat was used in phishing assaults by the North Korea-aligned threat actor Andariel, adding to the group's extensive toolkit. In a recent analysis, Kaspersky stated that "Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from the command-and-control (C2) server." Andariel, also known as Silent Chollima and Stonefly, is connected to North Korea's Lab 110, a main hacking organisation that also contains APT38 (also known as BlueNoroff) and other subordinate parts that are all monitored under the Lazarus Group banner. The threat actor is known to engage in cybercrime as an additional source of revenue for the country under sanctions ...
Flipper hacking device on track to make $80M worth of sales

You might have come across the circulating hacking tool called Flipper Zero. The business, which was founded in Russia in 2020, departed the nation at the outbreak of the conflict and has since relocated. It asserts that it is no longer connected to Russia, that it sold $25 million worth of the gadgets last year, and that it is on course to sell $80 million worth of its products this year after raising nearly $5 million through Kickstarter preorders. So what do they sell? Flipper Zero is a "portable gamified multi-tool" designed for anyone interested in cybersecurity, including penetration testers, nerdy people on the internet, students, and anyone with more sinister motives ...