#information-stealer

[ follow ]
#malware #macos #cybersecurity #malvertising #supply-chain-attack #phishing #obfuscated-shell-command
#macos
fromMedium
1 week ago
Information security

Unmasking SHub Stealer: A Deep Dive into a Sophisticated macOS Info-Stealer Masquerading as GitHub...

Information security
fromMedium
1 week ago

Unmasking SHub Stealer: A Deep Dive into a Sophisticated macOS Info-Stealer Masquerading as GitHub...

A phishing page mimics GitHub Desktop for macOS and uses an obfuscated Terminal command to deliver an aggressive macOS information stealer.
Information security
fromSecurityWeek
1 month ago

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

macOS users are targeted by a ClickFix campaign delivering a Python-based information stealer through a fake Cloudflare verification page.
more#macos
Information security
fromThe Hacker News
1 month ago

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Three ClickFix campaigns deliver MacSync, a macOS information stealer, by tricking users into executing terminal commands without requiring exploits.
Information security
fromSecurityWeek
2 months ago

Cloned AI Tool Sites Distribute Malware in 'InstallFix' Campaign

InstallFix campaign uses cloned webpages and malvertising to distribute information-stealing malware through fake installation pages for popular development tools.
fromThe Hacker News
2 months ago

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

The campaign exploits recent geopolitical developments to lure victims into opening malicious .LNK files disguised as protest-related images or videos, researchers Subhajeet Singha, Eliad Kimhy, and Darrel Virtusio said in a report published this week. These files are bundled with authentic media and a Farsi-language report providing updates from 'the rebellious cities of Iran.' This pro- protest framing appears to be intended to increase credibility and to attract Farsi-speaking Iranians seeking protest-related information.
Information security
fromThe Hacker News
3 months ago

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

The executable, for its part, decrypts and injects the main stealer payload into a legitimate Windows process ("grpconv.exe") directly in memory, allowing it to harvest sensitive data and exfiltrate it to a remote server ("server09.mentality[.]cloud") over FTP in the form of a ZIP file. Some of the information collected by the malware includes - Clipboard content Installed apps Cryptocurrency wallets Running processes Desktop screenshots
Information security
Information security
fromThe Hacker News
7 months ago

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Rhadamanthys stealer operates as a professional MaaS with advanced fingerprinting and OCR, tiered paid packages, and related tools marketed under a rebranded cybercrime business.
Information security
fromThe Hacker News
8 months ago

TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies

A malvertising campaign distributes a trojanized AppSuite PDF Editor that installs the TamperedChef information stealer and establishes persistence via Windows Registry.
fromThe Hacker News
8 months ago

Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures

The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement notices, tailored with reconnaissance-derived details like specific Facebook Page IDs and company ownership information.
Information security
[ Load more ]