2009, Malware and Ransomware - Cyber Security Informer

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide.

Ransomware

Ransomware IoT Encryption Social Engineering

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. su from 2008.

Malware

Malware Cybercrime Software Accountability

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes. The GandCrab identity on Exploit[.]in

Ransomware

Ransomware Accountability Cybercrime Passwords

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

Cybercrime

Cybercrime Ransomware Accountability Advertising

Adventures in Contacting the Russian FSB

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus

Antivirus VPN Encryption Malware

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Stunning as these two high-profile attacks were, they do not begin to convey the full scope of what a pervasive and destructive phenomenon ransomware has become – to individuals, to companies of all sizes and, lately, to poorly defended local agencies. Probing and plundering Ransomware is highly resilient and flexible.

Ransomware

Ransomware Internet Internet Hacking

The Link Between Ransomware and Cryptocurrency

eSecurity Planet

DECEMBER 21, 2021

There are few guarantees in the IT industry, but one certainty is that as the world steps into 2022, ransomware will continue to be a primary cyberthreat. The dangers from ransomware have risen sharply since WannaCry and NotPetya hit the scene in 2017, and this year has been no different. Cryptocurrency Fuels Ransomware.

Cryptocurrency

Cryptocurrency Ransomware Cybercrime Social Engineering

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware

Malware Cybercrime Banking Hacking

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack.

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Software Cryptocurrency Financial Services

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

DECEMBER 17, 2019

The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. Pierluigi Paganini.

Malware

Malware Advertising Encryption Hacking

3 Top Reasons America Is Under a 'Ransomware Siege'

SecureWorld News

JULY 28, 2021

crime-fighting agencies testified in front of Congress this week and the hearing had a chilling title: "America Under Cyber Siege: Preventing and Responding to Ransomware Attacks". Secret Service has observed a marked uptick in the frequency, sophistication, and destructiveness of ransomware attacks against the American people.".

Ransomware

Ransomware Cybercrime Cryptocurrency Healthcare

Artificial Intelligence meets real talk at IRISSCON 2024

BH Consulting

NOVEMBER 14, 2024

But a hallmark of the event since it was first held in 2009 is visiting speakers who aren’t afraid to challenge popular narratives. So far we haven’t seen criminals write malware entirely in AI. Mostly they’re using it for scripts and smaller tools… It is an assistant to the malware developer, not actually replacing them.”

Artificial Intelligence

Artificial Intelligence Ransomware Social Engineering Cybersecurity

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach. CDHE discovered the ransomware attack on June 19, 2023, it immediately launched an investigation into the security breach with the help of third-party specialists.

Education

Education Data breaches Ransomware Hacking

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Banking

Banking Malware Advertising Hacking

The analysis of the code reuse revealed many links between North Korea malware

Security Affairs

AUGUST 10, 2018

Security researchers at Intezer and McAfee have conducted a joint investigation that allowed them to collect evidence that links malware families attributed to North Korean APT groups such as the notorious Lazarus Group and Group 123. Each node represents a malware family or a hacking tool (“ Brambul ,” “ Fallchill ,” etc.)

Malware

Malware Hacking Advertising Ransomware

Social Security Numbers leaked in ransomware attack on Ohio History Connection

Malwarebytes

AUGUST 29, 2023

The Ohio History Connection (OHC) has posted a breach notification in which it discloses that a ransomware attack successfully encrypted internal data servers. During the attack, the cybercriminals may have had access to names, addresses, and Social Security Numbers (SSNs) of current and former OHC employees (from 2009 to 2023).

Ransomware

Ransomware Data breaches Passwords Phishing

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

IDA Pro is widely used by malware researchers to translate machine-executable code into assembly language source code for purpose of debugging and reverse engineering. . The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cybersecurity

Cybersecurity Engineering Software Malware

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported. The activity of the Zinc APT group, aka Lazarus , surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Phishing Antivirus Hacking

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware System Administration Hacking Media

Ransomware in the UK: April 2022–March 2023

Malwarebytes

APRIL 12, 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.

Ransomware

Ransomware Education Accountability Backups

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

The Ransomware Scourge. The Institute for Science and Technology ' Ransomware Task Force ' (RTF), which is a collaboration of more than 60 stakeholders, finally released its ransomware framework , which comprised of 48 strategies to tackle the ransomware problem.

Ransomware

Ransomware Passwords Scams Government

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

“Once the malicious document is opened, the malware is dropped and proceeds to the next stage of the deployment process. The ThreatNeedle malware used in this campaign belongs to a malware family known as Manuscrypt, which belongs to the Lazarus group and has previously been seen attacking cryptocurrency businesses.”

Malware

Malware Cryptocurrency Password Management Encryption

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Security Affairs

MAY 9, 2020

North Korea-linked Lazarus APT already used at least two macOS malware in previous attacks, now researchers from Malwarebytes have identified a new Mac variant of the Linux-based Dacls RAT. The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Advertising Encryption Hacking

Experts link attack on Chilean interbank network Redbanc NK Lazarus APT

Security Affairs

JANUARY 16, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack.

Malware

Malware Banking Media Advertising

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

Security Affairs

NOVEMBER 10, 2018

Security experts from Symantec have discovered a malware, tracked as FastCash Trojan , that was used by the Lazarus APT Group , in a string of attacks against ATMs. The ATP group has been using this malware at least since 2016 to siphon millions of dollars from ATMs of small and midsize banks in Asia and Africa.

Banking

Banking Hacking Malware Advertising

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

Security Affairs

APRIL 11, 2019

The activity of the Lazarus Group (aka BlueNoroff and Hidden Cobra ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. Seven of these files are proxy applications that mask traffic between the malware and the remote operators.

Malware

Malware Advertising Cryptocurrency Passwords

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations.” Not all visitors to the site were infected. . ” concludes Microsoft.

Malware

Malware Antivirus Hacking Accountability

US and UK sanctioned seven Russian members of Trickbot gang

Security Affairs

FEBRUARY 9, 2023

The operation aimed at disrupting Russian cybercrime and ransomware. companies.” -based financial institutions that occurred in 2009 and 2010, predating his involvement in Dyre or the Trickbot Group. Valentin Karyagin has been involved in the development of ransomware and other malware projects. government and U.S.

Banking

Banking Ransomware Cybercrime Malware

North Korea-linked group Lazarus targets Latin American banks

Security Affairs

NOVEMBER 24, 2018

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. Recently, the group was involved in several attacks aimed at stealing millions from ATMs across Asia and Africa.

Banking

Banking Encryption Malware Advertising

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Security Affairs

JANUARY 27, 2022

North Korea-linked Lazarus APT group uses Windows Update client to deliver malware on Windows systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The use of Github as a C2 aims at evading detection.

Malware

Malware Hacking Phishing Ransomware

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. The malicious code was used for lateral movements aimed at deploying malware onto the payment switch application server.

Banking

Banking Retail Advertising Malware

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

.” The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Financial cyberthreats in 2021

SecureList

FEBRUARY 23, 2022

SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4% Emotet (9.3%), described by Europol as “the world’s most dangerous malware”, underwent a drop of five percentage points between 2020 and 2021.This

Banking

Banking Phishing Cryptocurrency Malware

What Are the Effects of a Cyberattack in a Recession?

CyberSecurity Insiders

SEPTEMBER 16, 2022

The last global recession occurred in 2009. If a ransomware attack hits a business and compromises its information, It will probably pay to keep afloat. The average ransomware payment was $570,000 in 2021. It also involves prioritizing backup servers, malware and antivirus software, and other just-in-case measures.

Cybercrime

Cybercrime Identity Theft Government Technology

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

. “A collaborative investigation with two of the affected European companies allowed us to gain insight into the operation and uncover previously undocumented malware.” The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Advertising

Advertising Malware Passwords Accountability

How To Protect Against A Phishing Attack And How To Counter Them

SiteLock

AUGUST 27, 2021

Protecting yourself from phishing and malware attacks is not only important, it’s a fundamental Internet survival skill, made even more essential if you have a web presence you depend on. The.shtml file contained an iframe that loaded PHP from a legitimate site registered in 2009. Gee, thanks, Kyle. Legitimate, but compromised.

Phishing

Phishing Antivirus Malware Firewall

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

SEPTEMBER 13, 2019

.” The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. “According to industry and press reporting, by 2018, Bluenoroff had attempted to steal over $1.1

Cyber Attacks

Cyber Attacks Hacking Cryptocurrency Banking

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Security Affairs

APRIL 20, 2021

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Phishing

Phishing Hacking Cryptocurrency Malware

Experts attribute NukeSped RAT to North Korea-Linked hackers

Security Affairs

OCTOBER 24, 2019

Experts at Fortinet analyzed NukeSped malware samples that share multiple similarities with malware associated with North Korea-linked APTs. Fortinet has analyzed the NukeSped RAT that is believed to be a malware in the arsenal of the Lazarus North-Korea linked APT group.

Malware

Malware Encryption Advertising Internet

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

After being released in 2003, he uses WiFi to commit attacks, program malware and steal credit card information. A federal grand jury indicts Albert Gonzalez and two Russian accomplices in 2009. 2009-2013 — Roman Seleznev — Roman Seleznev hacks into more than 500 businesses and 3,700 financial institutions in the U.S.,

Cybercrime

Cybercrime Computers and Electronics Hacking Banking

Top 20 Cybersecurity Companies You Need to Know in 2025

eSecurity Planet

MARCH 21, 2025

Bitdefender: Best for endpoint security and ransomware protection 3 No current available value 4.7 Bitdefenders consumer and business products consistently earn top rankings in independent security tests, reflecting exceptional malware detection and overall protection. Fortinet: Best for Network Security Perimeter Protection 15 $74.33

Cybersecurity

Cybersecurity Firewall Marketing Encryption

IRISSCON 2022 roundup: a new hope

BH Consulting

NOVEMBER 15, 2022

He analysed ten years of ransomware and found the problem, in terms of volume and frequency, was in 2014. “So So something good is already happening… We’ve already survived peak ransomware in the historical view,” he said. Ransomware: don’t pay later. Don’t use your insurance policy as your ransomware response.

Social Engineering

Social Engineering Insurance Ransomware CISO

Top Cybersecurity Companies for 2021

eSecurity Planet

AUGUST 13, 2021

Between high-profile ransomware attacks and mergers, it is a time of high stakes and great change for the industry. But constant breaches of organizations large and small, and a trail of victims to ransomware and phishing opened a massive opportunity. Founded: 2009. Learn more about Cisco. Visit website. Founded: 1984.

Cybersecurity

Cybersecurity Firewall Marketing Encryption

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Webinars

Trending Sources

Who’s Behind the GandCrab Ransomware?

Webinars

Canada Charges Its “Most Prolific Cybercriminal”

Adventures in Contacting the Russian FSB

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Link Between Ransomware and Cryptocurrency

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Lazarus malware delivered to South Korean users via supply chain attacks

Dacls RAT, the first Lazarus malware that targets Linux devices

3 Top Reasons America Is Under a 'Ransomware Siege'

Artificial Intelligence meets real talk at IRISSCON 2024

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

North Korea-linked APT group BeagleBoyz targets banks

The analysis of the code reuse revealed many links between North Korea malware

Social Security Numbers leaked in ransomware attack on Ohio History Connection

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

North Korea-linked Lazarus APT targets the IT supply chain

Ransomware in the UK: April 2022–March 2023

Cyber Security Roundup for May 2021

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Experts link attack on Chilean interbank network Redbanc NK Lazarus APT

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

Microsoft: North Korea-linked Zinc APT targets security experts

US and UK sanctioned seven Russian members of Trickbot gang

North Korea-linked group Lazarus targets Latin American banks

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Financial cyberthreats in 2021

What Are the Effects of a Cyberattack in a Recession?

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

How To Protect Against A Phishing Attack And How To Counter Them

The US Treasury placed sanctions on North Korea linked APT Groups

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Experts attribute NukeSped RAT to North Korea-Linked hackers

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Top 20 Cybersecurity Companies You Need to Know in 2025

IRISSCON 2022 roundup: a new hope

Top Cybersecurity Companies for 2021

Stay Connected