The crooks pay top dollar for Google search results for the popular AnyDesk, Dropbox & Telegram apps that lead to a malicious, infostealer-packed website.
Researchers have tracked down the origins of several increasingly prevalent info-stealers – including Redline, Taurus, Tesla and Amadey – that threat actors are delivering via pay-per-click (PPC) ads in Google’s search results.
On Wednesday, breach prevention firm Morphisec posted an advisory in which it said that over the past month, it’s investigated the origins of paid ads that appear on the first page of search results and that lead to downloads of malicious AnyDesk, Dropbox and Telegram packages wrapped as ISO images.
Panda Stealer Targets Crypto Wallets
A new information stealer is going after cryptocurrency wallets and credentials for applications including NordVPN, Telegram, Discord, and Steam.
Panda Stealer uses spam emails and the same hard-to-detect fileless distribution method deployed by a recent Phobos ransomware campaign discovered by Morphisec.
The attack campaign appears to be primarily targeting users in Australia, Germany, Japan, and the United States.
Panda Stealer was discovered by Trend Micro at the start of April. Threat researchers have identified two infection chains being used by the campaign.
They said: In one, an .XLSM attachment contains macros that download a loader. Then, the loader downloads and executes the main stealer.
These arrests underscore the growing pattern of law enforcement agencies’ success in pursuing charges against some cybercrime gangs, says Jamie Hart, cyber threat intelligence analyst for Digital Shadows. “Since the beginning of 2021, seeing law enforcement coordinate to take down NetWalker, take down Emotet, and now they have taken down Egregor, it shows the cooperation is improving and law enforcement are getting the hang of this,” she says.
Officials’ arrests of several people suspected of ties to the Egregor ransomware-as-a-service operation are the latest success. In January, the US Department of Justice arrested a Canadian national and seized almost $500,000 in cryptocurrency as part of its investigation into the Netwalker ransomware operation. A day earlier, an international alliance of law enforcement agencies shut down the Emotet botnet by taking over the infrastructure its operators used.
Morphisec Guard Proves Best-In-Class in the Most Comprehensive Test Ever Performed by AV-Comparatives
Morphisec’s Complete Endpoint Prevention Platform Prevents Sophisticated Real-World Attacks Automatically, without Requiring Services or Manual Effort
“Endpoint security solutions need to be able to stop attacks at multiple phases of the attack chain to ensure maximum risk reduction. This test was a great opportunity for us to demonstrate how Morphisec Guard does this by preventing sophisticated attack tactics in real time.”
BE’ER SHEVA, Israel & BOSTON (PRWEB) January 28, 2021
Morphisec, a leader in cloud-delivered endpoint and server security solutions, today announced that Morphisec Guard was recognized for its exceptional prevention capabilities by AV-Comparatives, an independent, ISO-certified security testing lab. The AV-Comparatives single product report on Morphisec Guard