Schneider Electric Hacked and Blackmailed Following Lumma Infostealer Infection
Free Infostealer Intelligence Tools by Hudson Rock – www.hudsonrock.com/free-tools On November 4th, Schneider Electric acknowledged a data breach in which hackers stole 40GB of data from the company’s Jira server. “Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated […]
Law Enforcement Hacked Infrastructure of Redline and Meta Infostealers (Operation Magnus)
*Not fully confirmed yet According to the website which was discovered through Redline related Telegram channels, law enforcement was able to hack the infrastructure of Redline and Meta Infostealers and obtain critical data With the message being that more information is to come In addition, law enforcement attached the following video: Update: Security researcher g0njxa […]
Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials
Key findings Overview The GoDaddy Security team is tracking a new variant of ClickFix (also known as ClearFake) fake browser update malware that is distributed via bogus WordPress plugins. These seemingly legitimate plugins are designed to appear harmless to website administrators but contain embedded malicious scripts that deliver fake browser update prompts to end-users. This technique leverages social […]
Largest Retail Breach in History: 350 Million “Hot Topic” Customers’ Personal & Payment Data Exposed — As a Result of Infostealer Infection
Disclaimer: Hudson Rock does not insinuate or imply responsibility or liability on behalf of any parties mentioned herein. The content is intended solely for informational purposes and reflects our findings at the time of publication. Hudson Rock disclaims any responsibility for how this information regarding Infostealer Infection may be interpreted or used by others. Update […]
ClickFix tactic: The Phantom Meet (Infostealers)
This blog post provides a chronological overview of the observed ClickFix campaigns. We further share technical details about a ClickFix cluster that uses fake Google Meet video conference pages to distribute infostealers. Context In May 2024, a new social engineering tactic called ClickFix emerged, featuring a ClearFake cluster that the Sekoia Threat Detection & Research […]
How Hackers Really Used Infostealers for the Biggest Recent Cyber Breaches
We are now at a point where numerous cyberattacks have been carried out using compromised Infostealer data. Major companies such as AT&T, Ticketmaster, Orange, Airbus, Uber, and EA Sports have all suffered similar fates. But how does a breach really unfold once an employee is infected by Infostealers? Threat actors often target low-hanging fruit; like […]
Exposing Information Stealers | Protecting Identities Online
Interview with Malware Protection expert Leonid Rozenberg with Hudson Rock (www.hudsonrock.com) on exposing information stealers, protecting identities online, hackers who sell vulnerabilities, and how to know if your identity is stolen. Check out Hudson Rock’s free tools available here – https://www.hudsonrock.com/threat-intelligence-cybercrime-tools
FIN7 Hosting Honeypot Domains with Malicious AI DeepNude Generators – New Silent Push Research
Key findings Executive summary Silent Push Threat Analysts have observed the FIN7 group (aka Sangria Tempest) using new tactics in their malware and phishing attacks. We found that FIN7 has created at least seven websites serving malware to visitors looking to use an “AI Deepnude generator.” The threat group is also continuing to use browser […]
Does the New Infostealer CAPTCHA Infection Actually Work?
In case you missed it, hackers have been utilizing a new technique to infect victims with Infostealers, it is done by setting a fake Captcha page that prompts the victim to paste a powershell command into their Windows Run which causes a Lumma Infostealer infection. But does it actually work? In reality, the Infostealer infection […]
Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware
What happened Proofpoint researchers are tracking a cluster of activity targeting transportation and logistics companies in North America to deliver a variety of different malware payloads. Notably, this activity leverages compromised legitimate email accounts that belong to transportation and shipping companies. At this time, it is unclear how the actor achieves access to the compromised […]
Sextortion Is About to Get Much Worse with Infostealers – A Red Flag for Victims
Sextortion schemes are about to take a much darker turn. With the rise of Infostealer malware, the game is changing. Hackers will no longer rely on fake threats or generic scare tactics like Google Street View images. Instead, they now have access to real victim data pulled straight from infected computers—data that includes sensitive browsing […]
Infostealer Infected Computers Could Lead to Cybercriminal Arrests After Exchanges Takedown
German authorities recently took down 47 cryptocurrency exchanges used by ransomware groups, money launderers, and botnet operators. Although the domains have been seized, no arrests have been made so far. The real impact, however, might come from what was left behind by these ransomware groups. By examining the data from these domains through Hudson Rock’s […]
