Czech Mobile Users Targeted in Phishing Campaign; Vermin Attacks, North Korean MoonPeak Trojan, and PG_MEM Malware Detected

A new phishing campaign has emerged in the Czech Republic, specifically targeting mobile users through Progressive Web Applications (PWAs) to steal banking credentials. This scheme has been highlighted by cybersecurity experts and is part of a broader trend of phishing attacks exploiting mobile technology. In a related development, the Ukrainian cybersecurity agency CERT-UA has issued a warning regarding new phishing attacks linked to the pro-Russia group Vermin, which employs Power of Work (PoW) images to spread malware such as SPECTR and FIRMACHAGENT, targeting devices in Ukraine. Additionally, a North Korean hacking group known as UAT-5394 is actively deploying a new remote access trojan named MoonPeak, designed to work with specific command and control servers, reflecting a tailored approach to evade detection. Furthermore, a new malware identified as PG_MEM is targeting PostgreSQL databases with weak passwords, allowing attackers to mine cryptocurrency, deploy additional malware, and potentially take control of affected servers. These incidents underscore the increasing sophistication of cyber threats in Eastern Europe and beyond.