For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. 2012, from an Internet address in Magnitogorsk, RU.
This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware-focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.
WHO IS MEGATRAFFER?
The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. APT41’s activities span from the mid-2000s to the present day.
But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.
Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware by abusing the 8-year-old and well-known VelvetSweatshop bug, reads the analysis published by the experts.
Their goal, the researchers believe, is to obtain and download rolling records on the target from the cell provider’s database without having to deploy malware on each target’s device. Before and since then, the hackers broke into one cell provider after the other to gain continued and persistent access to the networks.
The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The website BHProxies[.]com
The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware, aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.
What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. were implicated in propagating the Triada malware.
SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. The malware uses different strings to load libraries and functions required for execution. In particular, Avast and AVG solutions are of interest to the malware.
Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It describes malware being iterated by hackers who’ve clearly been doing this for a long while.
According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014. Kaspersky solutions worldwide detected this type of malware on 297,485 unique user devices. This malware also possessed the capability to install a backdoor on compromised systems.
The Russian hacker Yevgeniy Nikulin was found guilty of the 2012 LinkedIn, Dropbox, and Formspring data breaches and of the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty of hacking LinkedIn, Dropbox, and Formspring back in 2012 and of selling the stolen data on cybercrime black marketplaces.
Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru
Mustang Panda has been active since at least 2012; it has targeted American and European entities such as government organizations, think tanks, NGOs, and even Catholic organizations at the Vatican. Upon opening the reports, the infection process starts, leading to the deployment of malware on the victim’s system.
The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Together, CWRU and the FBI were able to identify that an IP address with which the malware was communicating had also been used to access the alumni email account of a man called Phillip Durachinsky.
The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012.
Data appears to come from past data breaches; the oldest one dates back to 2012, while the latest one dates to April 2020.
I have an embarrassing confession to make: I reuse passwords. I am not a heavy re-user, nothing crazy, I use a password manager to handle most of my credentials but I still reuse the odd password from time to time. It seems obvious and important therefore to tell users not to reuse passwords.
This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. used the password 225948. On May 7, the U.S. and admin@stairwell.ru
The United States has deported the author of NeverQuest banking malware, the computer programmer Stanislav Vitaliyevich Lisov, to Russia. The Russian hacker was suspected of being the author of the Neverquest malware, aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.
As detailed in my 2014 book, Spam Nation, Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock, Cutwail, Mega-D, Festi, Waledac, and Grum. But the identity and whereabouts of Icamis have remained a mystery to this author until recently.
The Archiveus Trojan from 2006 was the first one to use the RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked.
FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro.
What was compromised: names, email addresses, and passwords. A majority of the passwords were protected by the weak SHA-1 hashing algorithm, which resulted in 99% of the credentials being posted by LeakSource.com in 2016. They then gained access to a customer service database and uploaded malware to capture sensitive information.
The announcement was made as the individual was found guilty of stealing over 100 million password credentials belonging to users of LinkedIn, Dropbox and Automatic. As per the latest court briefing, Nikulin gained fraudulent access to the LinkedIn database to get the admin password of LinkedIn engineer Nick Berry.
On Christmas Eve, Resecurity’s HUNTER unit spotted that the author of the Meduza password stealer has released a new version (2.2). Presently, the Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.
re network uses at least two free VPN services to lure its users to install malware-like software that achieves persistence on the user’s computer,” the researchers wrote. The website’s copyright suggests the ExE Bucks affiliate program dates back to 2012. 2022 closure of LuxSocks, another malware-based proxy network.
A report published by SentinelOne states that a hacking group named “Modified Elephant” has been seen carrying out such criminal activities since 2012 and has taken to planting incriminating evidence on the devices of innocent online users. Then how to keep such cyber crimes at bay?
The US authorities also accuse Assange of having conspired with Army intelligence analyst Chelsea Manning to crack a password hash for an Army computer to access classified documents that were later published on the WikiLeaks website.
US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying, credential stuffing, and spear-phishing. Want to know more about password spraying and how to stop it? The attacks are targeting U.S.
The Russian hacker Stanislav Vitaliyevich Lisov pleads guilty to bank fraud after running a botnet that spread ‘NeverQuest’ malware for three years. The Russian hacker was suspected of being the author of the Neverquest malware, aka Vawtrak malware, and the person who administrated the control infrastructure.
APT41 has been active since at least 2012 and has been involved in both state-sponsored espionage campaigns and financially-motivated attacks since 2014. Unlike other China-based actors, the group used custom malware in cyber espionage operations; experts observed 46 different malware families and tools in APT41 campaigns.
Earth Preta, also known as “RedDelta” or “Bronze President,” has been active since at least 2012; it has targeted American and European entities such as government organizations, think tanks, NGOs, and even Catholic organizations at the Vatican. The link points to a password-protected archive, and the document also includes the password.
A significant share of scam, phishing and malware attacks is about money.
PC malware
The number of users affected by financial malware for PCs dropped by 11% from 2022. Ramnit and Zbot were the prevalent malware families, together targeting over 50% of affected users. Money is what always attracts cybercriminals.
Google experts have been tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. The fake browser window displays a URL and a login prompt designed to trick recipients into providing their password to a legitimate login page.
Modern browsers include synchronization features (like Google Chrome’s Sync) so that all your browsers, on all your devices, share the same tabs, passwords, plugins, and other features. Browser syncing was introduced in 2012 by Chrome with the goal of letting you continue at home where you left off at work, and vice versa.
Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. The popular malware researcher Vitali Kremez published an interesting analysis of macOS and Windows malware delivered through the exploitation of the CVE-2019-11707 flaw.
APT40 leverages phishing messages using weaponized documents that are able to trigger vulnerabilities within days of their disclosure. Some of the flaws exploited in past attacks are CVE-2012-0158, CVE-2017-0199, CVE-2017-8759, and CVE-2017-11882. The attackers also use TCP ports 80 and 443 to masquerade malicious network traffic.
And security researchers from ESET have discovered that the malware was uploaded to the VirusTotal operated system in Brazil and was targeted by a social engineering attack. North Korea’s Lazarus Group has reportedly designed new ransomware that is being targeted at M1 processors popularly running on Macs and Intel systems.
Since the malware in this incident was compiled on April 15, 2021, and compilation dates are the same for all known samples, this incident is likely to be the first involving Maui ransomware. This report included technical details of malware used in the campaign, such as Ecipekac, SodaMaster, P8RAT, FYAnti and QuasarRAT.
China-linked APT group Tropic Trooper has been spotted using previously undocumented malware written in the Nim language. SMS Bomber allows a user to flood the victim’s phone number with a very long list of pre-baked HTTP requests asking for one-time codes, verification messages, password recoveries and the like.