Tag: Malware

CrackedCantil Dropper Delivers Numerous Malware

CrackedCantil is a versatile dropper malware, capable of unleashing multiple malicious payloads.

CrackedCantil is a unique dropper malware sample that operates with a wide variety of malware families. Infecting with one may effectively mean up to five other malware types running in the system. Let’s break down on what it is, how it spreads, and why it is so dangerous. What is CrackedCantil? CrackedCantil is a dropper… Continue reading CrackedCantil Dropper Delivers Numerous Malware

PUABundler:Win32/CandyOpen Analysis & Removal Guide

CandyOpen is a malware used to download unwanted software

PUABundler:Win32/CandyOpen is an unwanted program that acts as a browser hijacker and can download junk apps to your system. Specifically, it points at a thing known as OpenCandy adware, that is known for its indecent behavior. Let’s break it down and see what the PUABundler/Candyopen on a real-world example. What is PUABundler:Win32/CandyOpen? As I’ve said… Continue reading PUABundler:Win32/CandyOpen Analysis & Removal Guide

Seven Common Types of Malware – Analysis & Description

Being aware of the types of malware is key to protecting your devices and systems from potential cyberattacks.

In the intricate landscape of cybersecurity, comprehending the various forms of malware is crucial. This article offers an in-depth look at the most pervasive malware types, from Loaders to Keyloggers. We’ll explore their mechanisms, impacts, and how they compromise digital security, providing you with the knowledge to better safeguard against these ever-evolving cyber threats. Let’s… Continue reading Seven Common Types of Malware – Analysis & Description

PUABundler:Win32/PiriformBundler

PiriformBundler is a detection name for software developed by Piriform

PUABundler:Win32/PiriformBundler is the detection of an unwanted program, developed and issued by Piriform Software. While applications from this developer aren’t inherently malicious, the bundled software they carry and their questionable behavior make them less than desirable. What is PUABundler:Win32/PiriformBundler? PiriformBundler is a detection name for unwanted software developed by Piriform. Microsoft assigns such names to… Continue reading PUABundler:Win32/PiriformBundler

Novice Rugmi Loader Delivers Various Spyware

Analysts uncovered a novice Rugmi Loader, malware that primarily aims at spreading spyware and stealers

The threat landscape meets a new player – Rugmi Loader. This threat specializes in spreading spyware, and is in fact capable of delivering any malware type. Rugmi boasts of its unusual structure, which makes it rather promising among other loaders. What is Rugmi Loader? The Rugmi is a complex loader with multiple components that deliver… Continue reading Novice Rugmi Loader Delivers Various Spyware

Xamalicious Trojan Hits Over 327K Android Devices

Android backdoor, Xamalicious, has been discovered, carrying out various malicious actions on infected devices.

A new Android backdoor, dubbed Xamalicious, was discovered by the researchers at the edge of 2023. This malware exhibits potent capabilities to perform malicious actions on infected devices. Malware reportedly exploits Android’s accessibility permissions to gain access to various sources of user data. What is Xamalicious Malware? As I’ve said in the introduction, Xamalicious is… Continue reading Xamalicious Trojan Hits Over 327K Android Devices

UAC-0099 Targets Ukrainian Companies With Lonepage Malware

UAC-0099 has been using a critical vulnerability in WinRAR software to spread Lonepage malware.

Ukrainian cyberwarfare sees further action as the UAC-0099 threat actor escalates its cyber espionage campaign against Ukrainian firms. Leveraging a severe vulnerability in the popular WinRAR software, the group orchestrates sophisticated attacks to deploy the Lonepage malware, a VBS malware capable of remote command execution and data theft. UAC-0099 Exploits WinRar Vulnerability In most recent… Continue reading UAC-0099 Targets Ukrainian Companies With Lonepage Malware

FalseFont Malware Targets Defence Contractors Worldwide

Iranian hackers joined the big hacking game with a novice malware sample

The Iranian hacking group APT33 has developed a new malware called FalseFont. They use it to target the Defense Industrial Base worldwide. Microsoft reports the surge in its activity in December, 2023. APT33 targets defense firms with FalseFont malware Researchers recently shed light on a new cyber-espionage campaign. The Iranian APT33 group has been deploying… Continue reading FalseFont Malware Targets Defence Contractors Worldwide

Trojan:Script/Wacatac.B!ml

Wacatac is a common noun for a wide group of spyware

Trojan Wacatac is an umbrella detection for a wide range of malicious software, that shares functionality and code. In particular, the Wacatac name points to malware with dropper capabilities that are used to deliver ransomware. Trojan Wacatac Detection Overview Win32/Wacatac detection is one of the numerous detection names that Microsoft assigns to minor malware families.… Continue reading Trojan:Script/Wacatac.B!ml

Malicious Loan Apps in Play Store Decieved 12M Users

Offering money just now in exchange for your confidential information.

Eighteen malicious loan apps on the Google Play Store, posing as legitimate financial services, have scammed users. They offer high-interest-rate loans while harvesting their personal and financial data for malicious purposes, totaling over 12 million downloads. 18 Malicious Loan Apps Defraud Millions of Android Users Cybersecurity researchers have exposed 18 malicious loan apps on the… Continue reading Malicious Loan Apps in Play Store Decieved 12M Users