Thursday, January 21, 19:59

New 'grab-bag' hacking attack deploys 6 different types of malware

Researchers at Deep Instinct have discovered a large new hacking campaign that targets organizations around the world by spreading "grab-bag" malware. The bundle includes information-stealing trojans, a remote backdoor, a cryptojacker and a cryptocurrency stealer.

The campaign, with its large number of attacks and different types of malware, was named Hornet's Nest.

Researchers believe that the attacks are part of a cybercrime-as-a-service business and that the hackers behind the original dropper (Legion Loader) offer their services to other cybercriminals.

Several of the malware families are still in use and being updated. The attacks that use the loader focus on targets in the United States and Europe.

Investigators do not know exactly how the attacks began. Once a machine is infected, however, the Legion Loader executes PowerShell commands that allow it to start running malicious payloads. The loader distributes three different types of trojan malware, all of which can be found on underground forums.

The first trojan is Vidar, which targets personal information. The second is Predator the Thief, malware that steals data and captures photos using the victim's web camera. The third is Raccoon Stealer, a relatively new information-stealing malware that is very powerful and at the same time easy to use.

In addition to these three trojans, the Legion Loader also contains an RDP-based backdoor that allows hackers to access the infected machine. Hackers can then launch other attacks.

Through the Legion Loader, attackers can steal personal data of different kinds, which they can use for other scams or sell on the dark web.

Beyond that, the Hornet's Nest campaign allows hackers to make money immediately, as Legion Loader also has a PowerShell-based cryptocurrency stealer that takes cryptocurrencies from victims' wallets. It also contains cryptomining software.

The campaign is not very sophisticated in its techniques. However, the fact that it delivers so much malware can cause major problems for victims, as a huge amount of information of various kinds can be stolen.

Organizations and businesses need to take key security steps to avoid such attacks.

