HackMag – Page 10 – Tech magazine for cybersecurity specialists

18,000 script kiddies have been infected with backdoor via XWorm RAT builder

📟 News

Date: 25/01/2025

Author: HackMag

According to CloudSEK analysts, malefactors attack novice hackers using a fake malware builder. Script kiddies’ systems become infected with a backdoor that steals data and subsequently seizes control over their computers.

Read full article →

Your guide to NTLM relay: Hijacking NTLM authentication to deliver a relay attack

Date: 24/01/2025

Author: DrieVlad

Why NTLM authentication is still present in many infrastructures? The correct answer is: because Windows cannot exist without it. But NTLM authentication is marred by a number of problems that can be exploited by attackers. One of such problems is its vulnerability to relay attacks. This article discusses authentication hijacking techniques enabling you to deliver a relay attack.

Read full article →

Hundreds of websites impersonating Reddit and WeTransfer spread Lumma Stealer

📟 News

Date: 24/01/2025

Author: HackMag

Sekoia researcher crep1x discovered that hackers are currently using some 1,000 pages impersonating Reddit and WeTransfer. Victims visiting these sites are tricked into downloading the Lumma Stealer malware.

Read full article →

Fake Telegram CAPTCHA forces users to run malicious PowerShell scripts

📟 News

Date: 23/01/2025

Author: HackMag

Hackers used the news of Ross Ulbricht pardoning to lure users to a rogue Telegram channel where they are tricked into running malicious PowerShell code.

Read full article →

Hand-made cheat: Looking through walls and aiming automatically in a 3D shooter

Date: 22/01/2025

Author: neeko

Today you will learn how to write a cheat for an online shooter. This cheat will implement such hacks as extrasensory perception (ESP) and aimbot. ESP displays player information above their heads (e.g. player’s health, name, or current weapon); while aimbot automatically aims your weapons at other players.

Read full article →

Fake Homebrew Infects macOS and Linux Machines with infostealer

📟 News

Date: 22/01/2025

Author: HackMag

Attackers use Google ads to disguise themselves as the Homebrew website and distribute malware targeting Mac and Linux systems and stealing logon credentials, browser data, and cryptocurrency wallets.

Read full article →

Flaying three-headed sheep. How to dump Kerberos tickets in C++

Date: 21/01/2025

Author: MichelleVermishelle

Kerberos offers plenty of user authentication features. Its main ‘bricks’ are tickets; in the course of penetration testing, the attacker dumps such tickets from the LSASS process memory at least once. Today, I will explain how this operation can be performed without sophisticated hacker tools.

Read full article →