The threat actors use a variety of distribution channels, including malvertising, spearphishing, and brand impersonation in online gaming, cryptocurrency, and software, to spread 50 malware payloads, including AMOS, Stealc, and Rhadamanthys.

Victims are lured into downloading malicious software by interacting with what they are tricked into believing are legitimate job opportunities or project collaborations.

On Windows, HijackLoader is used for delivering Stealc, a general-purpose lightweight info-stealer designed to collect data from browsers and crypto wallet apps, or Rhadamanthys, a more specialized stealer that targets a broad range of applications and data types.

When the target uses macOS, Marko Polo deploys Atomic ('AMOS'). This stealer launched in mid-2023, rented to cybercriminals for $1,000/month, allowing them to snatch various data stored in web browsers.

Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack.

"After an initial chat conversation, the attacker sent a ZIP file that contained COVERTCATCH malware disguised as a Python coding challenge," researchers Robert Wallace, Blas Kojusner, and Joseph Dobson said.

The malware functions as a launchpad to compromise the target's macOS system by downloading a second-stage payload that establishes persistence via Launch Agents and Launch Daemons.

American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.

Tracked as CVE-2024-45195 and discovered by Rapid7 security researchers, this remote code execution flaw is caused by a forced browsing weakness that exposes restricted paths to unauthenticated direct request attacks.

The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers Mark Lim and Tom Marsden said.

Definitions:

Malvertising - Internet advertising whose real intention is to deliver malware to the PC when the ad is clicked.

-wordnik

The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023.

Bitcoin ATMs are typically located in convenience stores, gas stations, and other busy areas, but instead of dispensing cash like the traditional ATMs they resemble, they allow you to buy and sell cryptocurrency.