A crime service gives attackers the ability to generate malicious Microsoft Word documents capable of compromising systems with hard-to-detect attacks, underscoring the continued danger posed by macros, according to a new analysis from threat intelligence firm Intel471.
Hackers are using a new, malleable malicious document builder to run their criminal schemes, according to Intel 471 research published Tuesday.
Cybercrime groups are using a new malicious document builder known as EtterSilent as part of recent campaigns that have dropped a number of different malware strains, including TrickBot and Bazar loader.
A malicious document builder named EtterSilent is gaining more attention on underground forums, security researchers note. As its popularity increased, the developer kept improving it to avoid detection from security solutions.
Researchers at Intel471 have identified a new malicious document builder that has gone from a new, relatively unknown exploit to being incorporated into the attack chains of top cybercriminal groups in less than a year.
In what's a case of hackers getting hacked, a prominent underground online criminal forum by the name of Maza has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year.
Since the beginning of this year, an unknown threat actor has been hacking cybercrime forums and leaking user data publicly or offering it for sale. At least four such forums have been breached to date, namely Verified in January, Crdclub in February, and Exploit and Maza in March. All are predominantly Russian-language forums and saw their breaches publicly disclosed elsewhere.
Four widely-used hacking forums operating on the dark web have been compromised in a series of cyber attacks, with unknown attackers seizing the personal data of members while also siphoning away cash. Over the past few weeks, attackers have stolen user databases from these forums, which have included email addresses and hashed passwords, according to security researcher Brian Krebs. The incidents have left members of these sites worried that subsequent leaks could reveal their real-world identities.
Maza, a Russian carding and fraud discussion forum, has been breached, and hackers have leaked users' email addresses and forum credentials, security firms report.
In the very latest string of "hits" coming from the Russian dark web forums, it seems like one of the most popular and prominent crime sites called Maza has just been breached by someone some time earlier during the week. In other words, one of the most popular hacker forum sites for dangerous criminals has just been hacked!
In the latest in a string of “hits” on Russian dark web forums, the prominent crime site Maza appears to have been hacked by someone earlier this week.
Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums’ user databases, including email and Internet addresses and hashed passwords.
Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.