Cybersecurity firm Kaspersky has linked the known threat actor DoNot Team to the use of a new .NET-based backdoor named Firebird, targeting victims in Pakistan and Afghanistan. The attack chains have also been configured to deliver a downloader, named CSVtyrei. The attackers are suspected to be of Indian origin, employing spear-phishing emails and rogue Android apps to spread malware.
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
The FBI has deleted PlugX malware from more than 4,250 infected computers as part of a US Department of Justice-approved multi-month operation. PlugX, controlled by
