malware Archives

The ‘16 billion password breach’ story is a farce

Experts told CyberScoop the research 'doesn’t pass a sniff test' and detracts from needed conversations around credential abuse and information stealers.

Jun 24, 2025 By Matt Kapko

AVCheck site for counter antivirus service displays a seizure notice on May 29, 2025.

Top counter antivirus service disrupted in global takedown

AVCheck and related crypting services helped cybercriminals make malware difficult to detect and confirm that malware could slip through various antivirus tools undetected, officials said.

May 30, 2025 By Matt Kapko

Traffic streaks past the Department of Justice (DOJ) headquarters building late in the evening on May 18, 2024 in Washington, DC. (Photo by J. David Ake/Getty Images)

DanaBot malware operation seized in global takedown

The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days.

May 22, 2025 By Matt Kapko

A seal reading "Department of Justice Federal Bureau of Investigation" is displayed on the J. Edgar Hoover FBI building in Washington, DC, on August 9, 2022. — (Photo by STEFANI REYNOLDS/AFP via Getty Images)

Lumma infostealer infected about 10 million systems before global disruption

Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI.

May 21, 2025 By Matt Kapko

Anyproxy, 5socks botnet domains seized. — Federal authorities seized the domains allegedly used for Anyproxy and 5socks botnets. (Screenshot of Anyproxy.net)

US seizes Anyproxy, 5socks botnets and indicts alleged administrators

The long-running botnet operation used malware that infected older wireless internet routers over a 20-year period, according to federal prosecutors.

May 12, 2025 By Matt Kapko

Infostealers fueled cyberattacks and snagged 2.1B credentials last year

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint.

Mar 18, 2025 By Matt Kapko

In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)

Lazarus Group deceives developers with 6 new malicious npm packages

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

Mar 12, 2025 By Matt Kapko

New zero-day exploit targets Ivanti VPN product

After Ivanti detected the activity, Mandiant says it found malware in impacted devices associated with a Chinese-linked threat group.

Jan 9, 2025 By Matt Bracken

A hacker with China’s national flag in background. (Getty Images)

PHP backdoor looks to be work of Chinese-linked APT group

Known as Glutton, researchers at QiAnXin’s XLab believe Winnti is responsible for the malware.

Dec 16, 2024 By Greg Otto

Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack

The department’s Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls.

Dec 10, 2024 By Matt Bracken