Lmst

Recent research highlights continued proxyware distribution through malware disguised as legitimate installers, including tools branded as Notepad++.

The campaign demonstrates evolving persistence techniques, including scheduled task abuse, process injection, and the use of both JavaScript and Python loaders to deploy proxy services.

This activity underscores the growing relevance of non-cryptomining monetization threats and the need for visibility into network-level resource abuse.

Follow @technadu for neutral, technically grounded cybersecurity reporting.

Source: https://asec.ahnlab.com/en/92183/

Thoughtful discussion encouraged.

#InfoSec #ThreatIntelligence #Proxyware #MalwareResearch #EndpointDefense #CyberThreats #SecurityAwareness

Proxyware malware w popularnych serwisach do pobierania filmów z YouTube – nowa kampania cyberprzestępców

Cyberprzestępcy stają się coraz bardziej kreatywni w wymyślaniu nowych sposobów dystrybucji złośliwego oprogramowania. Najnowsza kampania, wykryta przez badaczy bezpieczeństwa z AhnLab Security Intelligence Center (ASEC) potwierdza ten trend. Tym razem, atakujący postanowili wykorzystać popularne serwisy do pobierania filmów z YouTube, w celi propagacji złośliwego oprogramowania typu proxyware. TLDR: Czym jest...

#WBiegu #Malware #Proxyware #YoutubeDownloader

https://sekurak.pl/proxyware-malware-w-popularnych-serwisach-do-pobierania-filmow-z-youtube-nowa-kampania-cyberprzestepcow/

❗ Spamhaus #TicketDeskTeam has noticed an 📈 increase in removal requests from frustrated mobile phone users who can't send emails from their devices, due to their ISPs policies.

Can you guess what the ISP's in question are still doing?

Find out here ⬇
https://www.spamhaus.org/resource-hub/compromised/spammers-love-mobile-phone-ip-space-heres-how-to-fix-that/

#ISP #MobilePhoneCompanies #Proxyware #Malware #SMTPauthentication

Human Security identified a cluster of VPN apps available on the Google Play Store that transformed the user’s device into a proxy node without their knowledge. They dubbed this operation PROXYLIB after the Golang library responsible for the proxy node enrollment in each of the apps. They uncovered 28 applications related to PROXYLIB. They provide background and analysis of PROXYLIB. They list the applications removed. No IOC 🔗 https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-proxylib-and-lumiapps-transform-mobile-devices-into-proxy-nodes

#proxyware #threatintel #PROXYLIB

A particularly malicious practice involves compromising devices and installing #proxyware on them. The attackers infiltrate their victims’ systems without their consent and secretly install the software, making the device an unwitting exit point for the #RESIP network.