Archive for the ‘cybercrime/malcode’ category: Page 86

Apr 11, 2022

Android banking malware takes over calls to customer support

Posted by in categories: cybercrime/malcode, finance, robotics/AI

A banking trojan for Android that researchers call Fakecalls comes with a powerful capability that enables it to take over calls to a bank’s customer support number and connect the victim directly with the cybercriminals operating the malware.

Disguised as a mobile app from a popular bank, Fakecalls displays all the marks of the entity it impersonates, including the official logo and the customer support number.

When the victim tries to call the bank, the malware breaks the connection and shows its call screen, which is almost indistinguishable from the real one.

Apr 7, 2022

Researchers Uncover How Colibri Malware Stays Persistent on Hacked Systems

Posted by in categories: cybercrime/malcode, robotics/AI

Cybersecurity researchers have detailed a “simple but efficient” persistence mechanism adopted by a relatively nascent malware loader called Colibri, which has been observed deploying a Windows information stealer known as Vidar as part of a new campaign.

“The attack starts with a malicious Word document deploying a Colibri bot that then delivers the Vidar Stealer,” Malwarebytes Labs said in an analysis. “The document contacts a remote server at (securetunnel[.]co) to load a remote template named ‘trkal0.dot’ that contacts a malicious macro,” the researchers added.

First documented by FR3D.HK and Indian cybersecurity company CloudSEK earlier this year, Colibri is a malware-as-a-service (MaaS) platform that’s engineered to drop additional payloads onto compromised systems. Early signs of the loader appeared on Russian underground forums in August 2021.

Apr 6, 2022

Hackers have found a clever new way to steal your Microsoft 365 credentials

Posted by in category: cybercrime/malcode

Cybercriminals have started using Static Web Apps, an Azure service, in their phishing attacks against Microsoft 365 users.

Researchers from MalwareHunterTeam noted Static Web Apps have two features that are being abused with ease — custom branding for web apps, and web hosting for static content such as HTML, CSS, JavaScript, or images.

Apr 4, 2022

Crypto 2022: Hackers have nabbed $1.22 billion already

Posted by in categories: cosmology, cybercrime/malcode, finance

Hackers so far are focusing on decentralized finance (DeFi) projects to steal crypto this year, a new report found, a reversal from 2021 when they used scams and online fraud for most of their exploits.

So far, investors have lost over $1.22 billion to hackers in the first three months of the year, nearly eight times more than the $154 million lost in the first quarter of 2021, according to crypto security firm Immunefi. Ninety-nine percent of those losses were from software exploits, the report found, specifically the hacks against Wormhole and Ronin.

This is not an anomaly, experts warn. It’s likely this kind of nefarious activity will become more common, while scamming of investors could wane.

Apr 1, 2022

Viasat confirms satellite modems were wiped with AcidRain malware

Posted by in categories: cybercrime/malcode, futurism

A newly discovered data wiper malware that wipes routers and modems has been deployed in the cyberattack that targeted the KA-SAT satellite broadband service to wipe SATCOM modems on February 24, affecting thousands in Ukraine and tens of thousands more across Europe.

The malware, dubbed AcidRain by researchers at SentinelOne, is designed to brute-force device file names and wipe every file it can find, making it easy to redeploy in future attacks.

SentinelOne says this might hint at the attackers’ lack of familiarity with the targeted devices’ filesystem and firmware or their intent to develop a reusable tool.

Apr 1, 2022

Texture Map GCode Directly In Blender With NozzleBoss

Posted by in categories: cybercrime/malcode, mapping

We’ve seen this funky dual disk polar printer already recently, but [Heinz Loepmeier] has been busy working on it, so here’s an update. The primary focus here is nozzleboss, a Blender plugin which enables the surface textures of already sliced objects to be manipulated. The idea is to read in the gcode for the object, and convert it to an internal mesh representation that Blender needs in order to function. From there the desired textures can be applied to the surfaces for subsequent stages to operate upon. One trick that nozzleboss can do is to create weight maps to tweak the extrusion flow rate or print velocity value according to the pixel value at the surface — such ‘velocity painting’ can produce some very subtle surface effects on previously featureless faces. Another


Mar 30, 2022

New Malware Loader ‘Verblecon’ Infects Hacked PCs with Cryptocurrency Miners

Posted by in categories: cryptocurrencies, cybercrime/malcode, space

Hackers are using a “complex and powerful” malware loader with the ultimate objective of deploying cryptocurrency miners on compromised systems.



Mar 30, 2022

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

Posted by in categories: cybercrime/malcode, space

Researchers have uncovered a new malware campaign spreading Mars info-stealer via Google ads.

Mar 30, 2022

Lockheed Martin signs deal to use SpiderOak cybersecurity to protect satellite networks

Posted by in categories: business, cybercrime/malcode, space

WASHINGTON — SpiderOak Mission Systems announced March 29 it won a contract from Lockheed Martin Space for its cybersecurity software.

The contract allows Lockheed Martin to use SpiderOak’s OrbitSecure software. “This is commercial technology that was developed for terrestrial applications and has been repurposed for the space business, specifically for low Earth orbit,” SpiderOak chairman Charles Beames told SpaceNews.

Beames said he could not disclose the value of the contract with Lockheed Martin. “The goal is to make OrbitSecure available to Lockheed Martin customers as part of an offering to provide an extra level of cybersecurity,” he said.

Mar 27, 2022

GISEC Global on LinkedIn: #GISECGlobal

Posted by in categories: cybercrime/malcode, education

KELVIN OGBA DAFIAGHOR joins us all the way from Nigeria to attend #GISECGlobal 2022. He is the CEO of the Ogba Educational Clinic and he decided to visit GISEC to network with cybersecurity professionals from all over the world, as well as tech giants exhibiting at the show. It’s been an absolute pleasure having you with us, Kelvin, see you in 2023! 🤩.
