Hacker News with Generative AI: Malware

FBI forces Chinese malware to delete itself from US computers (arstechnica.com)
The FBI said today that it removed Chinese malware from 4,258 US-based computers and networks by sending commands that forced the malware to use its "self-delete" function.
Justice Dept., FBI and International Partners Delete China-Backed Malware (justice.gov)
The Justice Department and FBI today announced a multi-month law enforcement operation that, alongside international partners, deleted “PlugX” malware from thousands of infected computers worldwide.
USB RJ-45 adapter with malware from Aliexpress (twitter.com)
Cheap RJ45 Ethernet to USB adapter contains malware (twitter.com)
Malware detection prevents Docker Desktop from starting on macOS (github.com/docker)
Tell HN: macOS is currently detecting Docker as malware (ycombinator.com)
I just finished porting my project's canonical build process to Docker a few days ago, and had a rude awakening today when macOS declared Docker malware and deleted its executable.
macOS is detecting Docker as malware and keeping it from starting (github.com/docker)
Malware Blocked. “com.docker.socket” was not opened because it contains malware. This action did not harm your Mac.
Time to check if you ran any of these malicious Chrome extensions (arstechnica.com)
As many of us celebrated the year-end holidays, a small group of researchers worked overtime tracking a startling discovery: At least 33 browser extensions hosted in Google’s Chrome Web Store, some for as long as 18 months, were surreptitiously siphoning sensitive data from roughly 2.6 million devices.
Over 3.1M fake "stars" on GitHub projects used to boost rankings (bleepingcomputer.com)
GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories, helping them reach more unsuspecting users.
New 'OtterCookie' malware used to backdoor devs in fake job offers (bleepingcomputer.com)
North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers.
Analyzing North Korean Malware (medium.com)
We came across this campaign when a user reported that they were offered a job through LinkedIn, and that the “challenge” presented by the recruiter contained malware.
Asus bombards Windows 11 with christmas.exe malware-like Christmas wreath banner (windowslatest.com)
The Christmas.exe in Task Manager and the Christmas theme wreath banner that covers half of your screen on Windows 11 are not malware but a new promotional campaign by ASUS on some PCs. It’s causing panic among users who spotted the banner on their PCs in the third week of December.
Quasar Rat Disguised as an NPM Package for Detecting Vulnerabilities in Ethereum (socket.dev)
Socket’s threat research team has discovered a malicious npm package, ethereumvulncontracthandler, which is posing as a tool for detecting vulnerabilities in Ethereum smart contracts but instead deploys Quasar RAT, a versatile remote access trojan, onto developers’ machines.
Firefox says image download from iCloud contains a virus or malware (superuser.com)
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (bleepingcomputer.com)
The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the LogoFAIL flaw, tracked as CVE-2023-40238, to target computers running on vulnerable firmware.
SpyLoan Android malware on Google Play installed 8M times (bleepingcomputer.com)
A new set of 15 SpyLoan apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa.
Microsoft accused of Malware-like Bing Wallpaper app (ghacks.net)
Microsoft released the official Bing Wallpaper application on the Microsoft Store this week. Previously, the app was available only as a standalone download.
Found in the wild: the first unkillable UEFI bootkit for Linux (arstechnica.com)
"Bootkitty" is likely a proof-of-concept, but may portend working UEFI malware for Linux.
Bootkitty: Analyzing the first UEFI bootkit for Linux (welivesecurity.com)
Over the past few years, the UEFI threat landscape, particularly that of UEFI bootkits, has evolved significantly.
Salt Typhoon's surge extends far beyond US telcos (theregister.com)
The reach of the China-linked Salt Typhoon gang extends beyond telecommunications giants in the United States, and its arsenal includes several backdoors – including a brand-new malware dubbed GhostSpider – according to Trend Micro researchers.
Researchers discover first UEFI bootkit malware for Linux (bleepingcomputer.com)
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows.
Hackers abuse popular Godot game engine to infect PCs (bleepingcomputer.com)
Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months.
Unkillable UEFI bootkit for Linux in the wild (arstechnica.com)
Researchers at security firm ESET said Wednesday that Bootkitty—the name unknown threat actors gave to their Linux bootkit—was uploaded to VirusTotal earlier this month.
Malware can turn off webcam LED and record video, demonstrated on ThinkPad X230 (github.com/xairy)
This repository contains tools that give software control of the webcam LED on a ThinkPad X230 without physical access to the laptop.
1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole (theregister.com)
Thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bugs. The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware.
Chinese hackers target Linux with new WolfsBane malware (bleepingcomputer.com)
A new Linux backdoor called 'WolfsBane' has been discovered, believed to be a port of Windows malware used by the Chinese 'Gelsemium' hacking group.
A Study of Malware Prevention in Linux Distributions (arxiv.org)
Malicious attacks on open source software packages are a growing concern.
Security researchers identify new malware targeting Linux (welivesecurity.com)
ESET researchers have identified multiple samples of a Linux backdoor, which we have named WolfsBane, that we attribute with high confidence to the Gelsemium advanced persistent threat (APT) group.