Ebury botnet malware infected 400,000 Linux servers since 2009
Bleeping Computer
MAY 14, 2024
A malware botnet known as 'Ebury' has infected almost 400,000 Linux servers since 2009, with roughly 100,000 still compromised as of late 2023.
Krebs on Security
JUNE 21, 2023
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz.
Krebs on Security
JUNE 1, 2023
This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware-focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.
Krebs on Security
JULY 25, 2023
Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.
The Hacker News
MAY 15, 2024
A malware botnet called Ebury is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still compromised as of late 2023. The findings come from Slovak cybersecurity firm ESET, which characterized it as one of the most advanced server-side malware campaigns for financial gain.
The Hacker News
FEBRUARY 17, 2024
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S.
Krebs on Security
NOVEMBER 15, 2022
The JabberZeus crew’s name is derived from the malware they used, which was configured to send them a Jabber instant message each time a new victim entered a one-time password code into a phishing page mimicking their bank. Tank, a.k.a. In the chat below, “lucky12345” is the Zeus author Bogachev: tank: Are you there?
Krebs on Security
DECEMBER 8, 2021
Darkode was taken down in 2015 as part of an FBI investigation sting operation, but screenshots of the community saved by this author show that DCReavers2 was already well known to the Darkode founders when his membership to the forum was accepted in May 2009. DCReavers2 was just the 22nd account to register on the Darkode cybercrime forum.
The Hacker News
DECEMBER 1, 2021
A Russian national charged with providing bulletproof hosting services for cybercriminals, who used the platform to spread malware and attack U.S. organizations and financial institutions between 2009 and 2015, has received a 60-month prison sentence.
eSecurity Planet
MARCH 1, 2022
Symantec this week reported a highly sophisticated malware called “Backdoor.Daxin” that “appears to be used in a long-running espionage campaign against select governments and other critical infrastructure targets” and appears to be linked to China. The malware then sends information back to remote servers.
Security Boulevard
MAY 15, 2024
The operators behind the Ebury server-side malware botnet have been doing business since at least 2009 and, according to the threat researchers who have been tracking it for the last decade, are stronger and more active than ever. The malware has compromised at least 400,000 Linux servers over the past 15 years, with about 100,000.
Security Affairs
FEBRUARY 22, 2025
This threat actor was involved in cyber espionage campaigns and sabotage activities to destroy data and disrupt systems.
Krebs on Security
JUNE 7, 2021
In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.
Security Affairs
MARCH 28, 2019
The activity of the Lazarus Group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks, and experts who investigated the crew consider it highly sophisticated. At the time, the North Korea-linked Lazarus APT group leveraged for the first time a MacOS variant of the Fallchill malware.
Security Affairs
FEBRUARY 17, 2024
Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.
SecureWorld News
FEBRUARY 20, 2025
Attackers exploit public-facing applications by targeting known vulnerabilities, including: Fortinet FortiOS (CVE-2018-13379); Adobe ColdFusion (CVE-2010-2861, CVE-2009-3960); Microsoft Exchange (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207); Microsoft SharePoint (CVE-2019-0604). Once inside, Ghost actors deploy Cobalt Strike Beacon malware, steal credentials, (..)
Krebs on Security
DECEMBER 16, 2019
The feds allege Aqua led an elite cybercrime ring with at least 16 others who used advanced, custom-made strains of malware known as “JabberZeus” and “Bugat” (a.k.a. “Dridex”) to steal banking credentials from employees at hundreds of small- to mid-sized companies in the United States and Europe.
Security Affairs
SEPTEMBER 22, 2018
Scan4you is a VirusTotal-like online multi-engine antivirus scanning service that could be used by vxers to test the evasion abilities of their malware against the major antiviruses. A second customer used Scan4you to contribute to the development of the infamous Citadel malware that caused over $500 million in fraud-related losses.
Krebs on Security
JULY 20, 2021
A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. In this paid ad from 2004, Severa lists prices to rent his spam botnet.
Security Affairs
NOVEMBER 16, 2020
The activity of the Lazarus APT group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed at destroying data and disrupting systems.
Security Affairs
DECEMBER 17, 2019
The activity of the Lazarus APT group (aka HIDDEN COBRA) surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks. Dacls is the first malware linked to the Lazarus group that targets Linux systems. com ‘ was involved in past campaigns of the Lazarus APT. Pierluigi Paganini.
The Hacker News
OCTOBER 21, 2021
Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 and 2015.
Security Affairs
APRIL 5, 2019
A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB, an offspring of the original Gozi whose source code was leaked in 2014. Ursnif/Gozi has been active for over a decade and was one of the most active malware families listed in 2017 and 2018.
Security Affairs
AUGUST 10, 2018
Security researchers at Intezer and McAfee have conducted a joint investigation that allowed them to collect evidence that links malware families attributed to North Korean APT groups such as the notorious Lazarus Group and Group 123. Each node represents a malware family or a hacking tool (“Brambul,” “Fallchill,” etc.)
Malwarebytes
DECEMBER 5, 2022
It's been active since 2009 and is responsible for many high-profile attacks. Now, researchers at Volexity have analyzed a new campaign that is likely targeting cryptocurrency users and organizations with a variant of the AppleJeus malware by using malicious Microsoft Office documents. Lazarus Group. Second wave. Be careful.
Krebs on Security
JANUARY 8, 2024
As detailed in my 2014 book, Spam Nation, Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock, Cutwail, Mega-D, Festi, Waledac, and Grum. Likewise, the bulletproof domain service icamis[.]ws was registered to an Andrew Artz.
Krebs on Security
JULY 8, 2019
But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. It remains unclear how many individuals were active in the core GandCrab malware development team.
Security Affairs
JULY 13, 2024
Ukrainian national Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID malware operations. DoJ sentenced the Ukrainian national Vyacheslav Igorevich Penchukov (37) to prison and ordered him to pay millions of dollars in restitution for his role in the Zeus and IcedID malware operations.
The Last Watchdog
FEBRUARY 7, 2023
Related: Deploying human sensors. Additionally, with tools like ChatGPT, almost anyone can create new malware and become a threat actor. Founded in 2009, Vade supplies AI-based cybersecurity technologies that help companies defend against many types of email-borne attacks.
Security Affairs
DECEMBER 25, 2020
The activity of the Lazarus APT group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed at destroying data and disrupting systems.
Security Affairs
AUGUST 29, 2020
The BeagleBoyz APT group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed at destroying data and disrupting systems.
Security Affairs
OCTOBER 21, 2021
The United States Department of Justice sentenced two individuals who were providing bulletproof hosting to various malware operations. The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administered the bulletproof hosting service between 2009 and 2015.
Security Affairs
JUNE 18, 2020
Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Pierluigi Paganini.
Security Affairs
NOVEMBER 28, 2021
A North Korea-linked APT group posing as Samsung recruiters ran a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported. The activity of the Zinc APT group, aka Lazarus, surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks.
Schneier on Security
APRIL 11, 2024
He has been in charge of XZ Utils since he wrote it in 2009. Many open-source libraries, like XZ Utils, are maintained by volunteers. In the case of XZ Utils, it’s one person, named Lasse Collin. And, at least in 2022, he’s had some “longterm mental health issues.” (To be clear, he is not to blame in this story. This is a systems problem.)
Krebs on Security
MARCH 22, 2022
When I first began writing about Vrublevsky in 2009 as a reporter for The Washington Post, ChronoPay and its sister firm Red & Partners (RNP) were earning millions setting up payment infrastructure for fake antivirus peddlers and spammers pimping male enhancement drugs.
Security Affairs
OCTOBER 27, 2021
The activity of the Lazarus APT group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed at destroying data and disrupting systems.
Security Affairs
NOVEMBER 15, 2021
IDA Pro is widely used by malware researchers to translate machine-executable code into assembly language source code for the purpose of debugging and reverse engineering. The activity of the Lazarus APT group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks. Win64/NukeSped.JS: devguardmap[.]org
Security Affairs
JANUARY 16, 2019
The activity of the Lazarus Group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks, and experts who investigated the crew consider it highly sophisticated. Last year, researchers revealed that code reuse links most North Korean malware to Lazarus,” reported Flashpoint.
Security Affairs
FEBRUARY 25, 2021
“Once the malicious document is opened, the malware is dropped and proceeds to the next stage of the deployment process. The ThreatNeedle malware used in this campaign belongs to a malware family known as Manuscrypt, which belongs to the Lazarus group and has previously been seen attacking cryptocurrency businesses.”
Security Boulevard
SEPTEMBER 16, 2024
Folks, do you remember the international embassies web malware exploitation spree using client-side exploits that took place back in 2009, with the Russian Business Network as the hosting provider of choice for these campaigns? xyz hxxp://aaepgp[.]com hxxp://brightstonepharma[.]com hxxp://ksfcradio[.]com hxxp://ksfcnews[.]com
Krebs on Security
SEPTEMBER 25, 2024
This entity claims to have been around since 2009, but the domain itself is less than two years old, and there is no contact information associated with the site. host — recently compromised their computer with information-stealing malware.
CyberSecurity Insiders
MAY 6, 2021
Report released by the firm says that the discovered flaw is actually an amalgamation of 5 different flaws that are present on the Dell BIOS Utility Driver called DBUtil and has been in place since 2009.
Security Affairs
MAY 9, 2020
The North Korea-linked Lazarus APT already used at least two macOS malware strains in previous attacks; now researchers from Malwarebytes have identified a new Mac variant of the Linux-based Dacls RAT. The activity of the Lazarus APT group (aka HIDDEN COBRA) surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks.