Svoboda Cybersecurity Brief May 11, 2025
New Noodlophile Infostealer Distributed via Fake AI Video Generators
Fake AI video generation tools like “Dream Machine” are distributing Noodlophile, a new infostealer malware, through Facebook ads. The malware uses a multi-stage infection chain involving a disguised executable (Video Dream MachineAI.mp4.exe) and leverages legitimate tools like certutil.exe for decoding payloads. Stolen data, including browser credentials and crypto wallets, is exfiltrated via Telegram bots, with optional deployment of XWorm RAT.
Impact: Credential theft, cryptocurrency wallet compromise, and potential remote system access.
Mitigation: Verify file extensions, disable auto-execution of downloaded files, and use updated AV tools.
Source: BleepingComputer
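An added example (not from the original brief or its source) of how a defender could flag the two behaviours described above in process-creation telemetry: a media-looking file name that actually ends in an executable extension, and certutil.exe being used to decode a file. The event field names `image` and `command_line`, the extension lists and the sample events are assumptions constructed for illustration; the whitespace-padded file name variant goes beyond the single case named in the brief.

```python
import re

# Content extensions a user trusts, and extensions Windows will execute.
DECOY_EXTS = {"mp4", "mov", "avi", "jpg", "png", "pdf", "docx", "txt"}
EXEC_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif"}

# certutil accepts "-" or "/" as option prefix; -decode and -decodehex both decode files.
CERTUTIL_DECODE = re.compile(
    r'\bcertutil(?:\.exe)?"?\s(?:.*\s)?[-/]decode(?:hex)?\b', re.IGNORECASE)


def is_double_extension(image_path):
    """True when the file name ends in <decoy ext>.<executable ext>."""
    name = re.split(r"[\\/]", image_path.strip().strip('"'))[-1]
    # Strip padding around each part so "clip.mp4   .exe" is still caught.
    parts = [p.strip().lower() for p in name.split(".")]
    return len(parts) >= 3 and parts[-1] in EXEC_EXTS and parts[-2] in DECOY_EXTS


def triage(events):
    """Return (event index, [reasons]) for each suspicious process-creation event."""
    hits = []
    for i, ev in enumerate(events):
        reasons = []
        if is_double_extension(ev["image"]):
            reasons.append("double-extension executable")
        if CERTUTIL_DECODE.search(ev["command_line"]):
            reasons.append("certutil decode")
        if reasons:
            hits.append((i, reasons))
    return hits


# Constructed sample events (not taken from any real incident or from the source article).
SAMPLE_EVENTS = [
    {"image": r"C:\Users\u\Downloads\Video Dream MachineAI.mp4.exe",
     "command_line": r'"C:\Users\u\Downloads\Video Dream MachineAI.mp4.exe"'},
    {"image": r"C:\Windows\System32\certutil.exe",
     "command_line": r"certutil.exe -decode C:\Users\u\AppData\Local\Temp\in.txt C:\Users\u\AppData\Local\Temp\out.bin"},
    {"image": r"C:\Windows\System32\certutil.exe",
     "command_line": r"certutil -hashfile C:\Users\u\Downloads\setup.v1.2.exe SHA256"},
    {"image": r"C:\Users\u\Downloads\invoice.pdf   .exe",
     "command_line": r'"C:\Users\u\Downloads\invoice.pdf   .exe"'},
]

if __name__ == "__main__":
    for index, reasons in triage(SAMPLE_EVENTS):
        print(index, SAMPLE_EVENTS[index]["image"], reasons)
```

The certutil rule will also fire on legitimate administrative decoding, so treat a hit as a lead to correlate with the parent process and the decoded file's location rather than as a verdict.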
Google Settles with Texas for $1.375B Over Unauthorized Data Tracking
Google will pay $1.375 billion to Texas for unlawfully tracking user location and collecting biometric data (e.g., facial geometry) without consent. The settlement addresses allegations of bypassing privacy settings, including tracking users with Location History disabled. This follows similar settlements in other states, highlighting ongoing regulatory scrutiny of Google’s data practices.
Source: The Hacker News
Germany Shuts Down eXch Crypto Exchange for $1.9B Money Laundering
German authorities seized €34 million ($38.25M) in crypto and 8TB of data from eXch, a platform accused of laundering $1.9 billion in illicit funds, including proceeds from the Bybit hack. The exchange operated without AML checks, catering to criminal networks. Dutch investigators are pursuing linked individuals and emphasize that the action targets misuse, not privacy.
Source: The Hacker News