
Skype DarkGate malware, Shadow PC breach and AvosLocker ransomware warning

October 16, 2023 by Dan Virgillito

DarkGate hackers use Skype to distribute malware, PC gaming service Shadow PC hit by data breach and FBI warns of AvosLocker ransomware. Catch all this and more in this week’s edition of Cybersecurity Weekly.


1. DarkGate hackers use compromised Skype accounts to infect targets with malware

Trend Micro recently revealed that, from July to September, DarkGate threat actors used compromised Skype accounts to send malicious payloads. They utilized existing chat histories to craft deceptive file names, making their malicious intent harder to detect. The group's overarching goal was to secure full system access and introduce threats such as ransomware and cryptomining. This surge in activity "underscores the growing influence of this malware-as-a-service (MaaS) operation within the cybercriminal sphere," Bleeping Computer reported.


2. PC gaming giant Shadow suffers data breach exposing customer info

French tech firm Shadow recently suffered a data breach that compromised customer details. As confirmed by its CEO Eric Sèle, the hack stemmed from a sophisticated social engineering attack initiated on Discord and involved malware disguised as a game on Steam. Despite quick action, hackers tapped into a SaaS provider's interface, accessing names, emails, birthdates, billing details and card expiry dates of over 530,000 users. While Shadow has bolstered security measures, they urge customers to use multi-factor authentication and scrutinize emails closely.


3. Hackers still using LinkedIn smart links to conduct phishing attacks

Email security firm Cofense recently uncovered a phishing campaign that uses LinkedIn's smart links to target Microsoft users. Hackers sent over 800 phishing emails containing 80 unique smart links to professionals across multiple industries. The primary targets include employees from the financial and manufacturing sectors, although other industries have also been affected. Cofense suggests that the campaign's broad reach implies a general intent to gather as many credentials as possible rather than targeting a specific organization or sector.


4. Feds warn of growing AvosLocker ransomware campaign targeting critical infrastructure  

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and FBI recently cautioned against AvosLocker, a ransomware-as-a-service operation that has been increasingly targeting the country's vital industries. AvosLocker's broad targeting includes various operating systems and relies heavily on legitimate and open-source tools for hacking. Following system compromise, the group both encrypts and exfiltrates data for further extortion. With ransomware attacks escalating, CISA advises critical service providers to employ cybersecurity best practices like network segmentation and multifactor authentication.


5. Researchers discover backdoor disguised as WordPress Caching plugin

Defiant analysts recently spotted deceptive malware posing as a WordPress caching plugin. Equipped with features like rogue user creation and content alteration, it jeopardizes website SEO and user safety. Unsuspecting users may be redirected to rogue websites, where hackers have bots for spoofing their personal information. Defiant has swiftly responded by introducing tools to detect and combat this threat.



Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.