Malware

FortiGuard Labs has uncovered a sophisticated phishing campaign delivering XWorm version 7.2, a multi-functional Remote Access Trojan (RAT) that provides attackers with full remote control of compromised Windows systems. Campaign Overview The campaign utilizes multiple phishing email themes written in various languages to maximize its reach. Emails are disguised as: Payment detail requests requiring recipient…

A sophisticated brand impersonation campaign is weaponizing the popular 7-Zip file archiver to silently transform infected Windows computers into residential proxy nodes—monetizing victims’ IP addresses for fraud, scraping, and anonymity laundering operations. The Lookalike Domain Trap Security researchers at Malwarebytes have documented a long-running campaign where attackers operate 7zip[.]com—a convincing lookalike of the legitimate 7-zip.org…

The SystemBC malware loader has demonstrated remarkable resilience, continuing to operate despite targeted efforts during Europol’s Operation Endgame in May 2024. Cybersecurity firm Silent Push has identified more than 10,000 unique infected IP addresses across a massive botnet infrastructure that shows no signs of slowing down. Key Findings Silent Push researchers deployed a custom-built SystemBC…

A newly identified Windows malware strain called PDFSider has emerged as a dangerous tool in the arsenals of multiple ransomware operators, with at least one confirmed attack targeting a Fortune 100 finance company. Security researchers at Resecurity uncovered the malware during an incident response engagement, describing it as an advanced stealth backdoor designed for long-term…