Daily Perk 2/26/2021

It’s DNS. It’s always DNS

2000% Increase in New Malware Written in Go per ZDNet

ZDNet notes a trend where malware writers have shifted away from using C and C++ in favor of Go. Cybercriminals and APTs both find Go easy to work with, and it’s good for evasion because Go malware is hard to detect. Moreover, with the massive migration to all things cloud, many cloud-native applications are written in Go. This is the way.

Malicious Firefox Extensions Used to Hijack Gmail Accounts per Bleeping Computer

China-based APT group TA413 targeted Tibetan organizations in a cyber espionage campaign that hijacked Gmail accounts to infect them with Scanbox malware to harvest data and log keystrokes. TA413 used phishing emails to redirect victims to a malicious Adobe Flash Player update site (wait, isn’t that always a bad thing?), and victims were tricked into loading the FriarFox browser extension, which let attackers gain control.

Malicious browser extensions are more prevalent than we realize, and are being leveraged by state-sponsored attackers to gain control over dissidents. Think beyond that to how they can be leveraged against us. Good report by Proofpoint here.
