Novel Minecraft-targeting stealer tapped by reemergent LofyGang

Brazilian threat group LofyGang has resurfaced to compromise Minecraft players with the novel LofyStealer malware, also known as GrabBot, more than three years after its last attack campaign,The Hacker Newsreports.Intrusions commenced with the deployment of the Minecraft hack dubbed ‘Slinky’, which utilized the official game icon for legitimacy, to run a JavaScript loader that led to the injection of LofyStealer, according to findings from Brazilian cybersecurity firm ZenoX. LofyStealer then proceeds to harvest and exfiltrate passwords, tokens, cookies, cards, and International Bank Account Numbers across several web browsers, including Google Chrome, Mozilla Firefox, Brave, and Microsoft Edge.While LofyGang has previously leveraged the JavaScript supply chain as its initial attack vector, its latest campaign indicates a transition towards a malware-as-a-service model, said ZenoX researchers. Such findings follow a recentAcronis report detailing the use of fake game cheats on GitHub and Reddit to spread the Vidar 2.0 information-stealing malware.

Army turns to tech giants to map out AI cyber defenses

Corvus Energy Achieves DNV Cybersecurity Type Approval For Dolphin NxtGen | Ocean News & Technology

Cyber criminals release information aquired from Winona County network

PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

Three Arrested for Hacking Over 610,000 Roblox Accounts