
#infostealer


Over 31,000 Australian bank passwords are being traded by cybercriminals online. The stolen credentials—snatched from the personal devices of more than 14,000 Commbank, 7,000 ANZ, 5,000 NAB, and 4,000 Westpac customers—were captured using a type of malware called an "Infostealer".

#cybersecurity #australia #infostealer #databreach #bankingsecurity

youtube.com/watch?v=MaKj5w5Wy3Q

🎙️ Got invited to speak on a crypto podcast? It might be a scam.

A threat group known as "Elusive Comet" is targeting Web3 professionals, founders, and investors — using fake media invites and Zoom calls to infect devices and steal crypto assets.

Researchers at the Open Security Alliance have confirmed that Elusive Comet has already stolen millions, using a mix of social engineering and malware deployment.

Here’s how they operate:
- Create fake brands like Aureon Capital, Aureon Press, and The OnChain Podcast
- Build a convincing online presence with active websites and social profiles
- DM or email victims with interview or podcast invites
- Schedule urgent Zoom calls and ask the target to share their screen
- Then request remote access — and install infostealers or RATs on the victim’s machine

Even the CEO of Trail of Bits was recently targeted under the guise of a "Bloomberg Crypto" interview.

🛡️ Security tips:
- Be cautious with unsolicited interview or partnership invites
- Don’t grant remote control access in Zoom unless you’re 100% sure
- Use cold wallets for crypto and monitor outbound device behavior

At @Efani, we believe the biggest threat to your digital life isn’t always technical — it’s psychological. And Elusive Comet is a reminder of just how polished modern scams have become.

Given that sophisticated #infostealer #malware increasingly includes checks to avoid detection by shutting down if it detects it is on a virtualised host...

What is the security vs convenience+performance tradeoff for running a primary work environment inside a virtualised guest?

Or... is there actually a (small) security benefit by running a kernel shim to make your real environment appear to be virtualised?

random #infosec thought for the day

StealC infostealer has a major update.

According to the person behind the malware, the development of the second version took half a year, and in its essence, it is an entirely new software.

Me being me, I decided not to bother too much and, instead, just dump a machine translation of the user’s post, with some minor edits from my side.

Blog post: cryptolek.info/2025/03/30/stea

malicious npm packages (again) targeting cryptocurrency projects, CEOs cranky over CVEs, and BlackLock gets pantsed - here's your Friday wrap up in Infosec News 👇

🔗 opalsec.io/daily-news-update-f

Here's a quick rundown of what's inside:

📦 npm Package Nightmare: 10 packages compromised by an infostealer campaign targeting developer environments. Sensitive data was siphoned off to a remote host. Most of the packages are still available on npm, so be careful!
🦊 Firefox Flaw: A critical sandbox escape vulnerability (CVE-2025-2857) patched in Firefox 136.0.4. Windows users, update ASAP! This one's similar to a Chrome zero-day used in espionage campaigns.
🏥 Ransomware Reckoning: Advanced, a UK healthcare IT provider, slapped with a £3.1 million fine after a LockBit ransomware attack. Lack of vulnerability scanning and poor patch management were key factors.
🌐 Extension Exploitation: Browser extensions can be bought and repurposed, posing a sneaky threat to enterprises. An extension was bought for $50 and was quickly repurposed to redirect traffic.
⚡ Solar Scare: Dozens of vulnerabilities in solar inverters could let attackers disrupt power grids. Remote code execution, device takeover, and more are possible.
😠 CrushFTP Clash: CEO responds aggressively to VulnCheck after critical unauthenticated access vulnerability (CVE-2025-2825) is released. Vulnerability disclosure and patching processes need to be improved!
🕵️‍♀️ Pegasus in Serbia: Journalists targeted with Pegasus spyware, marking the third time in two years that Amnesty has found Pegasus deployed against Serbian civil society.
🤖 Mamont Malware: Russian authorities arrest three for developing the Mamont Android banking trojan. This malware steals financial data and spreads through Telegram.
🦹 Ransomware Reverse: Resecurity infiltrates the BlackLock ransomware gang, gathering intel to help victims. LFI vulnerability exploited, and data shared with authorities.

Stay vigilant out there, folks! 🛡️

Opalsec · Daily News Update: Friday, March 28, 2025 (Australia/Melbourne)

Infostealer Campaign Compromises 10 npm Packages: Ten npm packages were updated with malicious code to steal environment variables and other sensitive data from developers' systems. The campaign targeted multiple cryptocurrency-related packages, and the popular 'country-currency-map' package was downloaded thousands of times a week. All these packages, except for country-currency-map, are

Security researchers jailbroke AI chatbots to create a Chrome infostealer using a novel technique called "Immersive World." 😱 This method requires no prior malware coding knowledge, lowering the barrier for cybercriminals. 🤖💻 Read more on TechRadar! ➡️ techradar.com/pro/security/ai- #AI #security #cybersecurity #infostealer #newz

TechRadar pro · Not even fairy tales are safe - researchers weaponise bedtime stories to jailbreak AI chatbots and create malware. By Ellen Jennings-Trace