At a glance.
- Malicious packages found attached to NuGet.
- Russia will establish an autarkic substitute for VirusTotal.
- Commodity tools empower low-grade Russian cybercriminals.
- Malware mealkits, and other notes from the cyber underground.
- Cybersecurity workforce study.
- Full text of US Executive Order now available.
Malicious packages found attached to NuGet.
Researchers at ReversingLabs have discovered “several hundred malicious packages published to the NuGet package manager since the beginning of August.” The researchers note, “[T]hese packages employed an unusual code execution technique that is worth mentioning. Most of the malware published to the NuGet repository places malicious code inside the initialization and post installation PowerShell scripts. These packages use a different approach, with the malicious functionality placed inside the <packageID>.targets file in the ‘build’ directory.” ReversingLabs adds, “Based on our research, this is the first known example of malware published to the NuGet repository exploiting this inline tasks feature to execute malware.”
The NuGet security team has since removed the malicious packages.
Russia will establish an autarkic substitute for VirusTotal.
The Record reports, citing an account in Rosiskaya Gazeta, that Russia is in the process of establishing a free security package for Internet users. Called "Multiscanner," the project will be prototyped this year, further developed in 2024, and released in finished form during 2025. It will perform, Deputy Minister of Digital Development, Communications and Mass Communications Alexander Shoitov says, all the functions of VirusTotal, and then some. Replacement of VirusTotal, however, is a principal goal of the program: Russian authorities regard VirusTotal as a security risk. The Record explains, "Similarly to VirusTotal, the service would ultimately not only remotely check files and links using static analysis, but also conduct behavioral analysis on the suspected malware in virtual controlled sandbox environments."