Attack
58,767 megtekintés
31 Bejegyzések
Népszerű
Legfrissebb
Crypto firms beware: Lazarus’ new malware can now bypass detection
Lazarus Group, a North Korean hacking collective, has been using a new type of malware as part of its fake employment scams. This malware, dubbed LightlessCan, is far more challenging to detect than its predecessor, BlindingCan.
LightlessCan mimics the functionalities of a wide range of native Windows commands, enabling discreet execution within the RAT itself instead of noisy console executions. This approach offers a significant advantage in terms of stealthiness, both in evading real-time monitoring solutions like EDRs, and postmortem digital forensic tools.
The new payload also uses what researchers call "execution guardrails," ensuring that the payload can only be decrypted on the intended victim's machine, thereby avoiding unintended decryption by security researchers.
In one case, Lazarus Group used LightlessCan to attack a Spanish aerospace firm. The hackers sent a fake job offer to an employee, and when the employee clicked on a link in the email, their computer was infected with the malware.
Lazarus Group's attack on the aerospace firm was motivated by cyberespionage. The hackers were likely trying to steal sensitive data from the company.
#YasinCoder
#Malware
#Attack
Lazarus Group, a North Korean hacking collective, has been using a new type of malware as part of its fake employment scams. This malware, dubbed LightlessCan, is far more challenging to detect than its predecessor, BlindingCan.
LightlessCan mimics the functionalities of a wide range of native Windows commands, enabling discreet execution within the RAT itself instead of noisy console executions. This approach offers a significant advantage in terms of stealthiness, both in evading real-time monitoring solutions like EDRs, and postmortem digital forensic tools.
The new payload also uses what researchers call "execution guardrails," ensuring that the payload can only be decrypted on the intended victim's machine, thereby avoiding unintended decryption by security researchers.
In one case, Lazarus Group used LightlessCan to attack a Spanish aerospace firm. The hackers sent a fake job offer to an employee, and when the employee clicked on a link in the email, their computer was infected with the malware.
Lazarus Group's attack on the aerospace firm was motivated by cyberespionage. The hackers were likely trying to steal sensitive data from the company.
#YasinCoder
#Malware
#Attack
#MEV-Bot Nets $1.5 Million Profits in a $4 #Attack
On October 11, an MEV (Miner Extractable Value) bot operating on the BNB Chain made a remarkable profit of $1.575 million through an attack that involved flash loan exploitation on the BH/USDT trading pair on PancakeSwap, as reported by EigenPhi. The expenses for executing this arbitrage, which turned out to be one of the largest in BNB Chain's history, amounted to a mere $4.16.
According to experts from Beosin, the BH token was exploited for approximately $1.27 million by manipulating its price. The attacker provided a USDT loan, subsequently exchanging it for BH, thereby depleting the token's liquidity. The contract dictated a standard 1 USDT: 100 BH ratio upon deposit. Thanks to this swap, the attacker was able to withdraw approximately 1 USDT for every 2 BH.
According to Beosin, the unknown attacker sent the acquired assets through the #TornadoCash mixer.
On October 11, the price of BH unexpectedly surged from $0.01 to approximately $2 in the #USDT pair on #PancakeSwap This movement followed a sudden drop in quotes. At the time of writing, the token is trading around $2.1.
On October 11, an MEV (Miner Extractable Value) bot operating on the BNB Chain made a remarkable profit of $1.575 million through an attack that involved flash loan exploitation on the BH/USDT trading pair on PancakeSwap, as reported by EigenPhi. The expenses for executing this arbitrage, which turned out to be one of the largest in BNB Chain's history, amounted to a mere $4.16.
According to experts from Beosin, the BH token was exploited for approximately $1.27 million by manipulating its price. The attacker provided a USDT loan, subsequently exchanging it for BH, thereby depleting the token's liquidity. The contract dictated a standard 1 USDT: 100 BH ratio upon deposit. Thanks to this swap, the attacker was able to withdraw approximately 1 USDT for every 2 BH.
According to Beosin, the unknown attacker sent the acquired assets through the #TornadoCash mixer.
On October 11, the price of BH unexpectedly surged from $0.01 to approximately $2 in the #USDT pair on #PancakeSwap This movement followed a sudden drop in quotes. At the time of writing, the token is trading around $2.1.
🚨 Breaking News! 🚨
Former US President Donald Trump attacked at political rally!
🇺🇸🚨 Shocking incident sparks immediate security concerns and a swift investigation. Trump's condition remains unclear.
🤕 Stay tuned for updates as this story continues to unfold!
Feel Free to Reach out us 👉TG@ItxAP117
For signals📶🚦
#Trump #Rally #Attack #BreakingNews #apCryptoCalls
$BTC
Former US President Donald Trump attacked at political rally!
🇺🇸🚨 Shocking incident sparks immediate security concerns and a swift investigation. Trump's condition remains unclear.
🤕 Stay tuned for updates as this story continues to unfold!
Feel Free to Reach out us 👉TG@ItxAP117
For signals📶🚦
#Trump #Rally #Attack #BreakingNews #apCryptoCalls
$BTC