Tag

Infostealer

All articles tagged with #infostealer

technology1 day ago•4 min saved

Chrome secures sessions by binding cookies to hardware, thwarting infostealer theft

Google Chrome 146 on Windows adds Device Bound Session Credentials (DBSC), cryptographically linking a user’s session to the device’s hardware (TPM on Windows, Secure Enclave on macOS) so stolen session cookies can’t be exploited. New short-lived cookies require possession of the hardware-bound private key, otherwise they expire quickly. macOS support is planned for a future Chrome release. The DBSC protocol, developed with Microsoft and tested with partners like Okta, aims to reduce cookie theft while preserving privacy, with implementation guidance and W3C specs available for developers.

via BleepingComputer|

#chrome #dbsc #hardware-security

security19 days ago•6 min saved

Trivy hit by TeamPCP supply-chain attack through GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors TeamPCP, who backdoored the Trivy GitHub build process and trojanized releases and related GitHub Actions (notably v0.69.4). This allowed an infostealer to harvest credentials and other secrets from GitHub Actions runners, CI configs, and local developer environments, exfiltrating data to a typosquatted C2 server or via a public repo. Attackers gained write access to publish malicious releases and force-push most tags, making detection difficult; Aqua Security linked the breach to an earlier credential exfiltration and noted token rotation wasn't atomic. The incident is connected to a follow-up CanisterWorm npm campaign by the same actor. Remediation includes rotating all secrets, auditing for compromise, and investigating for persistence across environments.

via BleepingComputer|

#github-actions #infostealer #security

cybersecurity2 months ago•5 min saved

Public Database Leak Exposes 149 Million Logins, Highlighting Infostealer Risk

A publicly accessible database exposed 149 million account credentials, including 48 million Gmail logins and 17 million Facebook logins, along with government, banking, and education accounts. The researcher who found it suspects infostealing malware collected the data, and the provider took the trove down after being alerted; the leak highlights how unsecured databases can become a goldmine for cybercriminals.

via WIRED|

#cybersecurity #data-breach #infostealer

technology7 months ago•1 min saved

Automated Spyware Captures Webcam Images of Victims Watching Porn

A new spyware malware automates sextortion by monitoring browsers for NSFW content, then capturing screenshots and webcam photos of victims, escalating the threat of cybercrime and privacy invasion.

via WIRED|

#cybersecurity #infostealer #malware

technology8 months ago•2 min saved

Hacker Injects Malware into Early Access Steam Game

A threat actor called EncryptHub compromised the early access Steam game Chemia by injecting malware that steals user data, which remains available on Steam and poses a risk to players. The malware includes HijackLoader and Vidar infostealer, and was added through malicious binaries, with the attack possibly involving insider help. Steam has not issued an official statement, and users are advised to avoid downloading the game until further notice.

via BleepingComputer|

#chemia #encrypthub #infostealer

technology9 months ago•1 min saved

Webinar Highlights: Stolen Credentials as the New Network Entry Point

A webinar on July 9th will explore how cybercriminals are increasingly breaching networks using stolen credentials instead of vulnerabilities, covering attack methods, detection, and prevention strategies, with insights from industry experts.

via BleepingComputer|

#credentials #cybersecurity #identitytheft

technology9 months ago•3 min saved

Minecraft Players Targeted by Malware Masquerading as Game Mods

A malware campaign by Stargazers Ghost Network targets Minecraft players with fake mods and cheats, infecting Windows devices to steal credentials, tokens, and cryptocurrency wallets through malicious Java and .NET payloads distributed via GitHub repositories and Pastebin links, with a focus on evading detection and exfiltrating data to Russian-controlled servers.

via BleepingComputer|

#cybersecurity #github #infostealer

cybersecurity2 years ago•1 min saved

"PyPI Malware Threatens Windows and Linux Users with Crypto and Info Theft"

Malicious packages on the PyPI repository have been found to deliver the WhiteSnake Stealer malware on Windows systems, while also targeting Linux hosts with a Python script. The malware, uploaded by a threat actor named "WS," is capable of stealing information, communicating with a C&C server using the Tor protocol, and exfiltrating sensitive data, particularly crypto wallet information. The packages have been observed to overwrite clipboard content with attacker-owned wallet addresses and steal data from browsers, applications, and crypto services. This discovery highlights the ability of a single malware author to disseminate multiple info-stealing malware packages into the PyPI library over time.

via The Hacker News|

#cybersecurity #infostealer #malware

cybersecurity2 years ago•2 min saved

"Realst Malware: Protecting Your macOS Sonoma and Cryptocurrency Wallets"

Cybercriminals are spreading a new infostealer malware called Realst through fake blockchain games, targeting both Windows and macOS users. Some variants of the malware are already targeting macOS 14 Sonoma, which is set to be released in the fall. Realst silently collects web browser data, including stored passwords, and can empty cryptocurrency wallets. To protect against Realst and other malware, users are advised to be cautious when installing software outside the official Mac App Store, verify links before opening them, use strong passwords and two-step authentication, exercise caution when granting permissions, and keep devices and applications up-to-date.

via 9to5Mac|

#cybersecurity #infostealer #macos