Security Affairs Malware Newsletter – Round 3

The Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Hardening of HardBit   

10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit

This Meeting Should Have Been an Email  

Ransomware Detection Model Based on Adaptive Graph Neural Network Learning

SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks  

Facebook ads for Windows desktop themes push info-stealing malware

Akira Ransomware Targets the LATAM Airline Industry

Tactics, Techniques, and Procedures (TTPs) in Interpreted Malware: A Zero-Shot Generation with Large Language Models

NEW BUGSLEEP BACKDOOR DEPLOYED IN RECENT MUDDYWATER CAMPAIGNS  

MuddyWater replaces Atera by custom MuddyRot implant in a recent campaign

Fake AWS Packages Ship Command and Control Malware In JPEG Files      

Microsoft links Scattered Spider hackers to Qilin ransomware attacks

Qilin Revisited: Diving into the techniques and procedures of the recent Qilin Ransomware Attacks  

North Korean Hackers Update BeaverTail Malware to Target MacOS Users

HotPage: Story of a signed, vulnerable, ad-injecting driver  

MoonWalk: A deep dive into the updated arsenal of APT41 | Part 2    


Pierluigi Paganini
