A new FakeUpdates campaign targeting WordPress sites has been detected
20/03/2024Over the past few weeks, a new wave of the FakeUpdates malware, also known as SocGholish, has been detected, aimed at WordPress websites. The objective is to lure users into downloading remote access trojans, allowing attackers to take control of their systems. Since its emergence in 2017, FakeUpdates has been one of the most recurring malicious software in the cyber threat landscape. It has previously been associated with cybercriminal groups like Evil Corp, who monetize its use by selling access to infected systems. In this new campaign, cybercriminals are using JavaScript to target WordPress web pages, compromising compromised administrator accounts to introduce altered versions of WordPress plugins. These adulterated versions deceive users into downloading remote access trojans, granting attackers full control over infected devices. What is the most popular type of malware? In addition to the FakeUpdates attack, the threat index from Check Point Research, whose researchers have warned about this new attack, reveals around 200 suspicious content websites directed by ransomware groups. They utilize double extortion tactics to pressure victims into paying immediate ransoms. These attacks have impacted many companies, with the Lockbit3 ransomware being the most utilized by cybercriminals, followed by Play and 8base. The most exploited vulnerabilities by malicious actors include 'Web Servers Malicious URL Directory Traversal,' 'Command Injection Over HTTP,' and 'Zyxel ZyWALL Command Injection,' affecting numerous companies worldwide and allowing attackers to access and manipulate files or execute commands on compromised systems. In Spain, despite a 7% decrease in malware attacks in February, the most sought-after malware includes FakeUpdates, Qbot, and Pandora. In the case of FakeUpdates, it has affected 11.9% of companies in Spain. Mobile Malware In the realm of mobile devices, Anubis remains the most utilized malware in Spain, followed by AhMyth and Hiddad, all designed to compromise the security and privacy of Android device users by collecting confidential information and executing malicious actions.
[ ... ]
The mining hardware market is booming
09/09/2021There is no doubt about it: cryptocurrency mining is booming. According to a report by Technavio, the mining hardware market is expected to grow by about €2.4 billion between 2020 and 2024. It would grow at an annual rate of more than 7%. So much so that Facebook has already announced that it will launch its own cryptocurrency, a stablecoin pegged to the fiat currency of the country where it operates. It also announced that it will get involved in the NFT industry. Meanwhile, interest in different types of mining tools continues to grow. Day after day, miners join the network. “It began as a niche hobby. Early adopters had to set up rigs on their own and then figure out how to connect them to pools (groups of miners) and earn profit. But since hosting facilities became a thing, anyone can purchase a rig and earn some passive crypto”, explains Josh Metnick, CEO of Navier, a company that hosts different types of miners.
[ ... ]