Browsing Category: Cyber Attack

QBot Trojan Attacks

QBot malware, also referred to as Qakbot and Pinkslipbot, is a banking Trojan active since 2008. Attackers are using the QBot malware with updated worm features to steal users’ keystrokes, deploy backdoors, and spread malware payloads on compromised devices. Researchers stated that the newest version of QBot has detection and research-evasion techniques that hide the malware codes […]

The post QBot Trojan Attacks Victims with Malicious Election Interference Attachments appeared first on GBHackers On Security.

King Engine Ransomware

According to Cofense Intelligence researchers, a new version of Hentai OniChan Ransomware dubbed “King Engine” is being delivered in a Coronavirus-themed phishing campaign. The new variant exfiltrates data and demands a huge ransom, significantly more than previously analysed versions of Hentai OniChan campaigns. In previous campaigns, cybercriminals […]

The post Fake COVID-19 Test Results Drop King Engine Ransomware appeared first on GBHackers On Security.

Google Drive Notifications

Scammers have found a new phishing lure to play with: Google Drive. An unpatched security loophole within Drive is being exploited to send seemingly legitimate emails and push notifications from Google that, if opened, could land people on malicious websites. Users reported that they have received Google Drive notifications in Russian or English asking them to collaborate on […]

The post Attackers Using Google Drive Notifications to Trick the Users in Clicking Malicious Links appeared first on GBHackers On Security.

Iranian APT Group

The latest advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) along with the FBI states that they are aware of an Iranian Advanced Persistent Threat (APT) actor targeting US websites, including election websites. It is believed that a group of hackers has accessed the voter data and has sent out thousands of threatening […]

The post U.S. Govt Released Advisory on how Iranian APT Group Obtained Voter Registration Data appeared first on GBHackers On Security.

Vermont Health Network

The University of Vermont Health Network is now the latest victim in an ongoing onslaught of cyberattacks. The cyberattack targeted the University’s six hospitals in Vermont and New York, mainly causing computer network problems. The hospital mentioned that their ‘MyChart’ and other appointments were affected because of this. The FBI […]

The post Vermont Hospitals Now Latest Victim of Ransomware Attacks appeared first on GBHackers On Security.

Turla Hacker Group Uses Custom Malware & Legacy Tools to Attack Government Organizations

Turla, a sophisticated hacking group also known as Krypton, VenomousBear, Waterbug, Uroburos, or Snake group, targets government entities, military, energy, and nuclear research organizations. The group is known for conducting various spear-phishing techniques and watering-hole attacks to infect targeted victims. The group is known to have been active since at least 2014. Accenture threat researchers identified the group’s typical […]

The post Turla Hacker Group Uses Custom Malware & Legacy Tools to Attack Government Organizations appeared first on GBHackers On Security.

Russian Hackers Attack U.S. Government Networks To Steal Sensitive Data

CISA & FBI released a joint alert detailing Russian state-sponsored advanced persistent threat (APT) activity targeting various U.S. government networks to steal sensitive data. Russian state-sponsored actor groups such as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala have been active since 2010 and are targeting various U.S. state, local, territorial, and tribal (SLTT) government […]

The post Russian Hackers Attack U.S. Government Networks To Steal Sensitive Data appeared first on GBHackers On Security.

QQAAZZ Group Charged

Law enforcement agencies charged the QQAAZZ group for working with cybercriminals around the world to launder money stolen from victims of computer fraud in the United States and worldwide. The law enforcement operation was conducted in 16 countries, resulting in the arrest of 20 individuals suspected to be part of the QQAAZZ criminal network. Transnational Criminal […]

The post QQAAZZ Group Charged for Providing money-laundering Services to Malware Operations appeared first on GBHackers On Security.

Emotet Malware Attacks

CISA observes a significant increase in Emotet malware attacks that steal login credentials from various browsers, email clients, and applications. The malware was first observed in mid-2014 as a banking Trojan; it is one of the most notorious email-based malware families and offers several botnet-driven spam campaigns and ransomware attacks as a service. Earlier this year […]

The post CISA Warns of Emotet Malware Attacks Targeting Government Entities Via Weaponized Word Documents appeared first on GBHackers On Security.

Ttint IoT Botnet

Netlab observed a new IoT botnet that exploits two Tenda router 0-day vulnerabilities to install a Remote Access Trojan (RAT). The botnet, dubbed Ttint, was found to have been active since November 2019; along with DDoS capabilities, it includes 12 remote access functions.

Ttint IoT Botnet Attack

Attackers used the following Tenda router 0-day vulnerabilities (CVE-2018-14558 & CVE-2020-10987) […]

The post A New Mirai based IoT RAT Spreading Through 2 0-day Vulnerabilities appeared first on GBHackers On Security.