Self-propagating malware hidden in open-source software is targeting Iranian systems, wiping data on infected machines while sparing others, signalling a shift towards precise, politically motivated cyber sabotage through widely trusted digital supply chains.
The FCC warns telecom companies of rising ransomware threats after attacks quadrupled since 2022. The agency urges stronger defenses including patching, multifactor authentication, network segmentation, and closer oversight of vendors and incident response planning.
Security researchers have uncovered Kadnap malware infecting more than 14,000 routers worldwide, forming a resilient peer-to-peer botnet that exploits outdated edge devices and could enable covert communications, proxy traffic, and future cyber attacks.
Bad actors are exploiting DNS with growing sophistication. New domains dominate threat infrastructure, daily user exposures are rising, and AI is accelerating attack creation, making DNS intelligence an increasingly critical early-warning system for modern cyber defence.
Google's Threat Intelligence Group reveals that hackers are integrating AI models directly into malware, enabling live code mutation, stealthier operations, and dynamic payload execution while exploiting AI tools through deceptive prompts and underground marketplaces.
eco's topDNS initiative and AV-Test are publishing monthly reports to help ISPs detect and mitigate DNS abuse by analysing malware, phishing, and PUA trends, creating a long-term data foundation for industry-wide transparency.
A recent news story, following research from security provider Infoblox, highlighted the case of the 'Revolver Rabbit' cybercriminal gang, who have registered more than half-a-million domains to be used for the distribution of information-stealing malware. The gang make use of automated algorithms to register their domains, but unlike the long, pseudo-random ('high entropy') domain names frequently associated with such tools, the Revolver Rabbit domains instead tend to consist of hyphen-separated dictionary words (presumably so as to obfuscate their true purpose), with a string of digits at the end.
South Korean telecom giant KT Corporation has been implicated in deliberately infecting over 600,000 users with malware due to their use of torrent services, as reported by JTBC.
In late October, subscribers of Windstream's Kinetic broadband service reported widespread router failures, affecting approximately 600,000 devices across 18 states. Users flooded online forums with complaints, noting their ActionTec T3200 routers displayed a persistent red light and were unresponsive to resets.
Android users can choose from 3.718 million applications in the Google Play Store. When installing applications, the majority of consumers trust Google to keep their devices safe from hackers. However, the reality is different. Back in May 2023, researchers discovered over 101 infected applications in the Android store. Many of these apps counted over 400 million downloads.
From the creation of DNSAI Compass ("Compass"), we knew that measuring DNS Abuse would be difficult and that it would be beneficial to anticipate the challenges we would encounter. With more than a year of published reports, we are sharing insights into one of the obstacles we have faced. One of our core principles is transparency, and we've worked hard to provide this with our methodology.
U.S. military service members around the country have reported receiving unsolicited smartwatches by mail, triggering warnings from the Department of the Army Criminal Investigation Division (CID).
In a potentially damaging cybersecurity revelation, researchers from the cybersecurity company Eclypsium have identified a hidden mechanism in the firmware of motherboards manufactured by Taiwanese company Gigabyte.
The U.S. government has declared criminal charges, economic sanctions, and a $10 million reward for information leading to the arrest of a Russian citizen, Mikhail Matveev. Accused of a series of ransomware attacks, Matveev's alleged operations, known as Babuk, have targeted entities such as the D.C. police, an airline, and other American industries.
The United States Department of Justice has announced that it has neutralized a global network of computers compromised by malware called "Snake," which the U.S. government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB).