An Update on Fake Updates: Two New Actors, and New Mac Malware
Key findings: Proofpoint identified and named two new cybercriminal threat actors operating components of web inject campaigns, TA2726 and TA2727. Proofpoint identified a new MacOS malware delivered via web inject campaigns that our researchers called FrigidStealer. The web inject campaign landscape is increasing, with a variety of copycat threat actors conducting similar campaigns, which can make it difficult for analysts to track.
·proofpoint.com·
ClearFake Malware Analysis | malware-analysis
There are several malicious fake updates campaigns being run across thousands of compromised websites. Here I will walk through one with a pattern that doesn’t match with others I’ve been tracking. This campaign appears to have started around July 19th, 2023. Based on a search on PublicWWW of the injection base64 there are at least 434 infected sites. I’m calling this one ClearFake until I see a previously used name for it. The name is a reference to the majority of the JavaScript being used without obfuscation. I say majority because base64 is used three times. That’s it. All the variable names are in the clear, no obfuscation on them. One noticeable difference from SocGholish is that there appears to be no tracking of visits by IP or cookies. As an analyst you can go back to the compromised site over and over coming from the same IP and not clearing your browser cache. This also means the site owner is more likely to see the infection as well.
·rmceoin.github.io·