Remove 2011 Remove Malware Remove System Administration
article thumbnail

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. 2011 said he was a system administrator and C++ coder. Dmitry Yuryevich Khoroshev. Image: treasury.gov.

article thumbnail

Stolen Nvidia certificates used to sign malware—here’s what to do

Malwarebytes

Those certificates are now being used to sign malware. From there, any cybercriminal that wanted to could grab the certificates and use them to sign their malware. The two leaked Nvidia certificates have expired, being valid from 2011 to 2014 and 2015 to 2018. Mitigation. One of them just barely (by two days).

Malware 135
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Scams 145
article thumbnail

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers’ perspective.

Malware 98
article thumbnail

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

The tool is basically a search engine for local and network shared files inside a Windows environment: unlike the default Windows search, it is designed to locate files and folders by filename instantly, speeding up system information discovery. Its name is YDArk and it is an open-source tool available even on GitHub ( link ).