Latest news with #StealC


Forbes
27-05-2025
- General
- Forbes
No, That TikTok Video Won't Help You Get Free Software
TikTok users are being warned to look out for videos—likely deepfakes—showing them how to activate Windows and Microsoft Office, or to enable premium features in apps such as Spotify or CapCut. The similarity of the videos suggests that they were likely created through automation, said Trend Micro, which uncovered the campaign, while the voice issuing instructions also appears to be AI-generated. This makes the videos particularly dangerous, as it allows for extremely large-scale operations, as well as the ability to target different categories of users with different tactics.

The videos instruct users to pull up the Run program on Windows and then execute a PowerShell command that, they're told, will activate the software or extra features for free. In reality, though, the command downloads a malicious script that distributes the Vidar and StealC information-stealing malware. Vidar can then take screenshots of the victim's desktop and steal credentials, credit cards, and cryptocurrency wallets, while StealC can also harvest a broad range of sensitive information.

"In this campaign, attackers are using TikTok videos to verbally instruct users into executing malicious commands on their own systems. The social engineering occurs within the video itself, rather than through detectable code or scripts", Trend Micro warned. "There is no malicious code present on the platform for security solutions to analyze or block. All actionable content is delivered visually and aurally. Threat actors do this to attempt to evade existing detection mechanisms, making it harder for defenders to detect and disrupt these campaigns."

The researchers found a number of accounts posting the videos, including @gitallowed, @allaivo2, @alexfixpc, and @digitaldreams771. One video reached more than half a million views, with over 20,000 likes and more than 100 comments.
"The vast user base and algorithmic reach of social media platforms provide an ideal delivery mechanism for threat actors", said Trend Micro threats analyst Junestherry Dela Cruz. "For attackers, this means broad distribution without the logistical burden of maintaining an infrastructure. The use of AI-generated content also elevates these kinds of attacks from isolated incidents to a highly scalable operation, as these videos can be rapidly produced and tailored to target different user segments." The popularity of TikTok means that scams are rife, with fake giveaways, fake celebrity and influencer accounts, romance scams and more. The company regularly takes down scam accounts and warns users, asking them to report any scams that they find. It has taken down the accounts reported by Trend Micro. "Users should be encouraged to scrutinize unsolicited technical instructions, verify the legitimacy of video sources, and report suspicious content, whether on social media, messaging apps, or email", Trend Micro warned. "After all, if an offer seems too good to be true, it probably is."


Business Mayor
01-05-2025
- Business Mayor
Low-tech phishing attacks are gaining ground
Cybercriminals are increasingly favoring low-tech, human-centric attacks to bypass email scanning technologies, according to VIPRE Security. The report is based on an analysis of global real-world data and highlights the most significant email security trends from the first quarter of 2025.

Callback phishing

Cybercriminals are taking the sentiment 'work smarter, not harder' to a whole other level with callback phishing scams, a vector that wasn't even part of the equation last year. In Q1 2025, it accounts for 16% of phishing attempts. This is pertinent because link usage, which accounted for 75% of phishing attempts in Q1 2024, dropped by 42% in Q1 2025, making room for callbacks, which now account for nearly one in five attempts. Callback phishing is a social engineering attack where victims are tricked into calling a seemingly legitimate phone number through emails or texts to reveal sensitive information or download malware. With email scanning technology now adept at spotting compromised links, cybercriminals are resorting to callback scams via emails that leave no trace at all.

SVG files are fast becoming cybercriminals' favoured type of attachment (34%) for phishing attacks, coming a close second to PDF attachments (36%). By embedding a script tag that points to a malicious URL inside an SVG file, attackers get JavaScript executed when the attachment is opened in a web browser, redirecting the user to a compromised website. In doing so, they bypass anti-phishing defenses. The US is the most targeted region for such attacks, followed by Europe.

The backdoor-type malware XRed was responsible for the most malware attacks in Q1 2025, surpassing the second-most prominent malware family (Lumma) by a factor of three. StealC, AgentTesla, and Redline followed.

Cybercriminals shift from HTML to PDF

In Q1 2025, not only were 92% of all emails classified as spam, but 67% of those were categorised as malicious.
The US is the leading source of spam emails, generating 57% of all spam sent, and receiving 75% of malicious emails. The UK and Ireland stand at 8% each for sending and receiving bad emails. HTML attachments took up no more than a 12% share of cybercriminals' overall malspam strategy. With heightened awareness about the use of malicious HTML attachments, attackers are looking for less obvious methods, preferring PDFs and SVG files instead.

In Q1, Business Email Compromise (BEC) accounted for 37% of all email scam attacks. 73% of all BEC impersonation cases were instances of the CEO or other C-suite players being imitated. Because of the employee-employer power dynamic, making urgent, unexplained requests may be more plausible coming from higher up the hierarchy, as opposed to from a direct supervisor (9%) or even HR (4%). The manufacturing sector remains the most targeted sector in the email threat landscape, holding its lead at 36% vis-à-vis the retail and financial sectors, which tie at second place, with each receiving 15% of attackers' attention.

'There's a clear shift in cybercriminals' preference towards low-tech, high-impact, human-centric tactics. This demands a fundamental rethink of email security,' said Usman Choudhary, Chief Product and Technology Officer, VIPRE Security Group.


Fox News
26-02-2025
- Fox News
Malware exposes 3.9 billion passwords in huge cybersecurity threat
We saw a rise in infostealer malware in 2024, with hackers using it to steal credentials, cryptocurrency and other personal data from millions of users. If you recall, I reported countless incidents of an infostealer called Lumma preying on Android, Windows and even iOS and Mac users. A new cybersecurity report now highlights that hackers using Lumma, along with StealC, Redline and other infostealers, infected 4.3 million machines in 2024, leading to an astonishing 330 million compromised credentials. Security researchers have also observed 3.9 billion credentials shared in credential lists that appear to be sourced from infostealer logs.

A cybersecurity report by threat intelligence platform KELA has uncovered a sharp rise in infostealer malware in 2024. Researchers also observed an alarming trend in how stolen data was circulated. Large compilations of credentials, often referred to as "credential lists," were being shared across cybercrime forums. These lists, primarily sourced from infostealer logs, contained billions of login details harvested from infected devices.

One of the most notable incidents linked to infostealer malware was the breach of Snowflake, a cloud data storage provider. In April 2024, threat actors gained access to customer accounts using stolen login credentials, many of which were obtained through infostealers. Exploiting weak security practices, such as the absence of multifactor authentication, attackers extracted valuable data and later attempted to sell it on underground markets. The breach affected at least 165 companies.

The KELA report highlights that hackers deploying Lumma, StealC, Redline and other infostealers infected 4.3 million machines, leading to the compromise of 330 million credentials. Nearly 40% of these infected machines contained credentials for corporate systems, including content management platforms, email accounts, Active Directory Federation Services and remote desktop environments.
In total, this accounted for 1.7 million compromised bots and 7.5 million stolen credentials. The report also found that 3.9 billion credentials were shared in credential lists that appear to be sourced from infostealer logs. KELA's analysis suggests that almost 65% of infected devices were personal computers storing corporate credentials, making them a prime target for infostealer malware.

Infostealer malware is not going anywhere in 2025. With malware-as-a-service platforms on the rise and infostealers becoming more advanced, cybercriminals will likely keep using them as a go-to method for stealing credentials and gaining access to systems.

Law enforcement has been cracking down, though. In 2024, authorities managed to take down key parts of the infostealer ecosystem, including disrupting Redline, one of the most widely used infostealers. This showed that international agencies can go after not just the malware developers but also the networks and underground markets that keep these operations running. But takedowns like these rarely put an end to the problem. When one major infostealer operation is shut down, others quickly step in to take its place. The constant demand for stolen credentials and the ability of cybercriminals to adapt means infostealer attacks will likely remain a major threat in 2025.

With infostealer malware becoming a growing threat, protecting your data requires a mix of smart security habits and reliable tools. Here are some effective ways to keep your information safe.

1. Enable two-factor authentication (2FA): Even if your credentials are stolen, 2FA adds an extra layer of security by requiring a second form of verification, such as a code from an authentication app or biometric confirmation. Cybercriminals rely on stolen usernames and passwords to break into accounts, but with 2FA enabled, they cannot gain access without the additional security step. Make sure to enable 2FA on important accounts like email, banking and work-related logins.

2. Use strong antivirus software and be cautious with downloads and links: Infostealer malware often spreads through malicious downloads, phishing emails and fake websites. Avoid downloading software or files from untrusted sources and always double-check links before clicking them. Attackers disguise malware as legitimate software, game cheats or cracked applications, so it is best to stick to official websites and app stores for downloads. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

3. Use a password manager: Many infostealers target saved passwords in web browsers. Instead of relying on your browser to store credentials, use a dedicated password manager.

4. Keep software updated: Cybercriminals exploit outdated software to deliver malware. Keeping your operating system, browsers and security software up to date ensures that known vulnerabilities are patched. Enable automatic updates whenever possible and install reputable antivirus or endpoint protection software that can detect and block infostealer threats before they compromise your system.

Given the surge in infostealer malware warnings, it is clear that cybercriminals are actively targeting passwords. Both organizations and individuals are urged to strengthen their security measures by enabling 2FA, monitoring credential exposure and using endpoint protection tools.
While no security measure is completely foolproof, combining these practices can significantly reduce the risk of falling victim to infostealer malware.