Malware campaign uses VirusTotal manipulation, legitimate news sites to gain reputation

Actively Exploited

Overview

A new malware campaign is manipulating VirusTotal, a widely used malware scanning service, to enhance the reputation of malicious software. The campaign centers on a clipboard hijacker, which can steal sensitive information from users' clipboards. To boost the malware's visibility, the attackers also use 'ghost networks' on social media, which artificially inflate engagement and spread awareness of their malicious tools. This approach makes the malware seem more legitimate and complicates detection efforts. As a result, users who visit compromised sites or engage with these ghost networks may unknowingly expose their data to theft.

Key Takeaways

  • Active Exploitation: Attackers are actively running this campaign. Immediate action is recommended.
  • Affected Systems: Clipboard hijacker malware, VirusTotal users, social media users
  • Action Required: Users should avoid clicking on suspicious links and ensure their antivirus software is up to date.
  • Timeline: Newly disclosed

Original Article Summary

The clipboard hijacker campaign also uses “ghost networks” on social media to boost engagement.

Impact

Clipboard hijacker malware, VirusTotal users, social media users

Exploitation Status

This campaign is confirmed to be in active use by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Users should avoid clicking on suspicious links and ensure their antivirus software is up to date. Regularly clearing the clipboard and being cautious with sensitive information can also help mitigate risks.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Malware.

Related Coverage

Texas govt data breach exposes over 3 million driver’s licenses

BleepingComputer

The Texas Parks and Wildlife Department (TPWD) has reported a significant data breach involving its license system vendor. This incident has compromised the personal information of over three million individuals, including details related to driver’s licenses. The breach raises concerns about identity theft and privacy for those affected, as their sensitive information may be exposed to malicious actors. The TPWD's announcement emphasizes the need for vigilance among residents, encouraging them to monitor their accounts for any signs of fraud. This incident highlights the ongoing risks associated with third-party vendors managing sensitive data, underscoring the importance of robust security measures in protecting personal information.

Jun 19, 2026

eFAQ Publishes Investigation Into Alleged Scam Activity and Coordinated Reputation Attacks

Hackread – Cybersecurity News, Data Breaches, AI and More

eFAQ has released an investigation into alleged scam activities linked to coordinated reputation attacks targeting various individuals and organizations. The report outlines how these scams operate, often involving misinformation and fraudulent communications designed to damage reputations and mislead potential victims. Those affected include both individuals and businesses that have been wrongly accused or misrepresented in online platforms, leading to significant reputational harm. This incident highlights the growing concern around online scams and the need for vigilance among users and companies alike. Understanding these tactics is crucial for protecting personal and organizational integrity in the digital landscape.

Jun 19, 2026

Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way

BleepingComputer

The article discusses the growing challenge organizations face with AI agents, which are increasingly being treated as identities within business systems. These AI agents can perform various tasks, such as accessing sensitive data, triggering workflows, and deploying code, often without sufficient oversight. This raises concerns about governance and security, as organizations may not have adequate measures in place to manage these AI entities. The piece emphasizes the need for companies to reevaluate their identity and access management strategies to address the unique risks posed by AI agents. As these technologies continue to evolve, ensuring proper governance is crucial to protect critical business systems from potential misuse or attacks.

Jun 19, 2026

Stressors, AI Forcing Changes to Cybersecurity Teams

darkreading

As cybersecurity threats increase and the use of AI becomes more prevalent, Chief Information Security Officers (CISOs) are reporting that their roles are becoming increasingly challenging. Despite these difficulties, many companies are still seeking cybersecurity expertise, often on a part-time basis. This trend highlights the ongoing demand for skilled professionals in the field, even as the landscape becomes more complex. The reliance on AI tools in cybersecurity is a double-edged sword, offering advanced capabilities while also introducing new vulnerabilities. This situation emphasizes the need for companies to adapt their security teams to effectively manage these evolving challenges.

Jun 19, 2026

Microsoft: June 2026 Windows updates break Recycle Bin prompts

BleepingComputer

Microsoft has acknowledged a bug in the June 2026 Windows updates that disrupts the Recycle Bin's file deletion confirmation dialog. Users are reporting that incorrect filenames appear when they attempt to delete files, which can lead to confusion and potential mistakes while managing their data. This issue affects various versions of Windows, although specific versions have not been detailed. The bug is particularly concerning because it may hinder user confidence in the file deletion process, leading to accidental data loss. Microsoft has not yet provided a timeline for a fix, leaving users in a state of uncertainty regarding how to manage their files safely.

Jun 19, 2026

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

SecurityWeek

CryptoBandits is a new type of malware that combines data theft with remote code execution capabilities. It uses a local SOCKS5 proxy to route its traffic, which allows it to operate discreetly while abusing the Tor network for anonymity. This dual functionality poses significant risks, as it can both steal sensitive information and provide attackers with a backdoor into compromised systems. Users and organizations should be vigilant, as this malware can impact various systems and potentially lead to severe data breaches. The ongoing threat of CryptoBandits highlights the need for enhanced security measures in environments where sensitive data is handled.

Jun 19, 2026