Saturday April 26, 2025

Advisory ID: NCC-CSIRT-1811-056

Summary: Ukrainian cyber-experts have discovered a new attack that compromises victims’ VPN(Virtual Private Network) accounts to access and encrypt networked resources. The attack  uses Vidar Malware(Vidar Stealer) to steal Telegram session data, which in the absence of configured two-factor authentication and a passcode, allows unauthorized access to the victim's telegram account and corporate account/network.

Vulnerable Platform(s): IOS, Android, Linux, Mac and Windows Operating Systems

Read more: Somnia Ransomware using Vidar Malware(Vidar Stealer) to give unauthorized access to User Telegram...

Advisory ID: NCC-CSIRT-1114-054

Summary: Cybersecurity analysts at DCSO CyTec, discovered a new variant of StrelaStealer Malware. The malware has been aggressively collecting email account credentials from Outlook and Thunderbird, two popular email clients. 

Vulnerable Platform(s): Email

Read more: Outlook and Thunderbird Email Account Credentials Compromised by the New StrelaStealer Malware

Advisory ID: NCC-CSIRT-0222-0005

Summary: XENOMORPH, is a newly hatched malicious software that steals users banking App login credentials and has been found to target 56 financial institutions from Europe. It was named “Xenomorph” by researchers at "Threatfabric" because of the similarities in its code to that of the notorious banking Trojan "Alien", which has made researchers to believe that it is either the successor to “Alien” or that they both were created by the same Person. The main intent of this malware is to steal credentials, combined with the use of SMS and Notification interception to log-in and use potential 2-factor Authentication tokens.

Vulnerable Platform(s): All Android devices

Read more: Xenomorph Trojan Malware Targets Android Banking Applications

Advisory ID: ngCERT-2022-0066

Summary: New variants of the BRATA banking trojan have been discovered to be targeting global Android devices since November 2021 with advanced features, including the ability to wipe devices after stealing user data, tracking devices via GPS, and novel obfuscation techniques. The remote access trojan (RAT), which targets banks and financial institutions, is now being distributed through a downloader to avoid being detected by antivirus (AV) solutions.

Vulnerable Platform(s): Android Devices

Read more: New Variant of BRATA Banking Trojan Infecting Android Devices

Advisory ID: NCC-CSIRT-0122-000

Summary: Facebook for Android is vulnerable to a permission issue which gives privilege to anyone with physical access to the android device to accept friend requests without unlocking the phone. The products affected include Versions 329.0.0.29.120 of Android OS. To solve the vulnerability, users are recommended to disable the feature from their device’s lock screen notification settings. 

Vulnerable Platform(s): All Android 10 Versions 329.0.029.120

Read more: Facebook for Android Friend Acceptance Vulnerability

  1. Beware of Juice Jacking when charging mobile phones at public charging stations
  2. Wordpress Themes and Plugins Vulnerabilities
  3. Ransomware Attack Warning

Page 22 of 23