2014, Cryptocurrency and Passwords - Cyber Security Informer

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Krebs on Security

MAY 19, 2020

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” By far the most important passwords are those protecting our email inbox(es).

Passwords

Passwords Accountability Hacking Password Management

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Golubov was arrested in Ukraine in 2005 as part of a joint investigation with multiple U.S. Vrublevsky Sr.

Retail

Retail Advertising Cryptocurrency Marketing

Hackers stole €1.2m worth of cryptocurrency from 2gether

Security Affairs

AUGUST 3, 2020

million worth of cryptocurrency from cryptocurrency investment accounts. . Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. Estrada urges users to change their passwords because they have been compromised in the attack. . .

Cryptocurrency

Cryptocurrency Accountability Hacking Advertising

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

JUNE 20, 2018

Cryptojacking, as defined by the Federal Trade Commission , is the use of JavaScript code to capture cryptocurrencies in users’ browsers without asking permission. LW: So cryptocurrency got discovered as the ideal payment vehicle for ransomware. In 2011, total cryptocurrency value was about $10 billion. It was insane.

Cryptocurrency

Cryptocurrency Ransomware Passwords Malware

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency

Cryptocurrency Phishing Accountability Passwords

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. “The spre. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Advertising VPN

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Someone has transferred almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet to another wallet.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Poloniex forces password reset following a data leak

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . This is a real email!

Passwords

Passwords Cryptocurrency Data breaches Advertising

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords.

Internet

Internet Internet Passwords Malware

Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping

Security Affairs

NOVEMBER 15, 2019

On Thursday, US authorities arrested two crooks charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping. American law enforcement has declared war to sim swapping scammers and announced the arrest of two individuals for stealing $550,000 in Cryptocurrency. In May, the U.S. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Identity Theft Accountability Media

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. “ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Malware Advertising Hacking

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Ransomware Cybercrime

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. Based on the risk score, CryptoIns experts have calculated insurance rates for cryptocurrency exchange users who can now insure their accounts against cyber threats.

Insurance

Insurance Cryptocurrency Cyber threats Marketing

Cryptocurrency Platform Atlas Quantum hacked, 260k users impacted

Security Affairs

AUGUST 28, 2018

The Cryptocurrency Platform Atlas Quantum suffered a security breach, information belonging to more than 260,000 users was stolen by hackers. Hackers stole information related to over 260,000 users of the Cryptocurrency Platform Atlas Quantum. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Hacking Data breaches Passwords

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

The website was distributing a file named WSHSetup.exe, it is the downloader for both the CoronaVirus Ransomware and the Kpot password-stealer. exe,’ which is the Kpot password-stealing Trojan. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. One of these files is, ‘file1.exe,’

Ransomware

Ransomware Advertising Cryptocurrency Passwords

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

Hackers blasted in through the weak password of the SQL Server server. Tencent researchers observed the use of an account with the username “ Default ” and a password of “ @fg125kjnhn987.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Advertising Cryptocurrency Accountability

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. The Monero cryptocurrency miner uses a worm module (Systemctl.exe) dubbed PsMiner written in the Go language which includes exploit modules used to hack into vulnerable servers.

Malware

Malware Cryptocurrency Advertising Passwords

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

JULY 22, 2020

move laterally across systems while covertly mining for cryptocurrency. . The botnet used a modified version of Mimikatz to steal credentials and any other passwords of the compromised network, then send them back to the C2 for reuse. This latest function is typically used to search for Bitcoin cryptocurrency wallets.

Cryptocurrency

Cryptocurrency Advertising Passwords Encryption

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines. ” reads a blog post published by Bleepingcomputer.

Encryption

Encryption Ransomware Cryptocurrency Passwords

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware

Malware Cryptocurrency Passwords Internet

Phone Company Insiders Helped Global Sim-Swapping Gang Steal Millions in Cryptocurrency

Security Boulevard

FEBRUARY 12, 2021

This allowed them to access many apps and ask for password resets, which often confirm the request is intended for the correct user by sending a "Two Factor Authentication" request in the form of an SMS message. Some crypto currency exchanges use an even stronger method, of requiring confirmation both by an SMS to the phone and by email.

Cryptocurrency

Cryptocurrency Accountability Scams Social Engineering

Crooks use weaponized coronavirus map to deliver malware

Security Affairs

MARCH 12, 2020

“Shai Alfasi, found and analyzed this malware that had weaponized coronavirus map applications in order to steal credentials such as user names, passwords, credit card numbers and other sensitive information that is stored in the users’ browser.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Passwords Cryptocurrency

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients). And this goes beyond usernames and passwords to information that can get them immediate financial gain like credit card information and cryptocurrency wallets.”

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Experts reported the hack of several supercomputers across Europe

Security Affairs

MAY 17, 2020

Organizations managing supercomputers across Europe reported their systems have been compromised to deploy cryptocurrency miners. Crooks have compromised supercomputers across Europe to deploy cryptocurrency miners, incidents have been already reported in the UK, Germany, and Switzerland.

Hacking

Hacking Cryptocurrency Advertising Malware

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Security Affairs

JUNE 1, 2019

As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.” “An interesting characteristic of the attack is that it uses a cryptocurrency miner that it is being built from scratch instead of an existing one.”

Hacking

Hacking Cryptocurrency Advertising Accountability

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Security Affairs

SEPTEMBER 14, 2019

Researchers at Z s caler have spotted a new malware dubbed InnfiRAT that infects victims’ systems to steal cryptocurrency wallet data. . Researchers at Z s caler have discovered a new Trojan dubbed InnfiRAT that implements many standard Trojan capabilities along with the ability to steal cryptocurrency wallet data. .

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

FBI shuts down the Russian-based hacker platform DEER.IO

Security Affairs

MARCH 26, 2020

platform, an automated set-up wizard allowed the owner to upload the products and services offered through the shop and configure the payment process via cryptocurrency wallets. store used by hackers to offer for sale thousands of compromised accounts, including gamer accounts and PII files containing user names, passwords, U.S.

Cybercrime

Cybercrime Advertising Hacking Accountability

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. According to a report published by Kaspersky Lab in January 2020, in the two years the North Korea-linked APT group has continued to target cryptocurrency exchanges evolving its TTPs.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

Security Affairs

AUGUST 24, 2019

. “He would then convert the profit made from selling financial details online into cryptocurrency , and store these in multiple accounts.” million in cryptocurrency stored in the wallets belonging to West, but the fluctuating value of Bitcoin and other digital currencies brought the seized funds down to £922, 978.14.

Cryptocurrency

Cryptocurrency Scams Cybercrime Phishing

Malware campaign uses multiple propagation methods, including EternalBlue

Security Affairs

APRIL 12, 2019

Hackers are using the EternalBlue exploit and leveraging advantage of Living off the Land ( LotL ) obfuscated PowerShell-based scripts to deliver malware and a Monero cryptocurrency. “The malware also uses the pass the hash method, wherein it authenticates itself to remote servers using the user’s hashed password.

Malware

Malware Cryptocurrency Passwords Advertising

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

In the first half of 2018, researchers at Kaspersky Lab said that the most popular attack vector against IoT devices remains cracking Telnet passwords (75,40%), followed by cracking SSH passwords (11,59%). Top 10 countries from which Kaspersky traps were hit by Telnet password attacks is led by Brazil, China, and Japan.

IoT

IoT Passwords Malware Advertising

Bitcoin scammers phish for wallet recovery codes on Twitter

Malwarebytes

APRIL 28, 2021

We first observed the technique used on gamers back in 2014, and it eventually branched out into bank phishing. Trust Wallet is an app used to send, receive, and store Bitcoin along with other cryptocurrencies, including NFTs. No company worth bothering with will ever ask for your password so don’t give them out.

Phishing

Phishing Cryptocurrency Accountability Scams

Proposed government Coronavirus contact tracing app leaked data

Security Affairs

APRIL 20, 2020

” The app was found containing close to 200 users’ records, including full names, email addresses, and hashed user passwords. . Experts also made other reflections on the use of the blockchain of the corona app, that leverages the blockchain of Digibyte, a cryptocurrency that has value just like Bitcoin. .

Government

Government Data breaches Mobile Advertising

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs

APRIL 1, 2020

The botnet is used to launch brute-force attacks against MSSQL databases to take over servers and install Monero and Vollar cryptocurrency miners. These machines possibly store personal information such as usernames , passwords, credit card numbers, etc., Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Telecommunications Passwords Malware

Security Affairs newsletter Round 260

Security Affairs

APRIL 19, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Scams

Scams Phishing Advertising Malware

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. cryptocurrency miner in either x86 32bit or 64bit format,” continues the expert. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Cryptocurrency Malware Advertising

Masad Stealer Malware exfiltrates data via Telegram

Security Affairs

SEPTEMBER 29, 2019

Experts at Juniper Threat Labs have discovered a new piece of malware dubbed Masad Stealer that exfiltrate s cryptocurrency wallet files via Telegram. The malware could steals files, browser information, and cryptocurrency wallet data and send them to the botmasters using a Telegram. ” reads the analysis published by the experts.

Malware

Malware Cryptocurrency Advertising Marketing

Upcoming Ukraine elections in the crosshairs of hackers

Security Affairs

JANUARY 26, 2019

. “Serhiy Demedyuk told Reuters the attackers were using virus-infected greeting cards, shopping invitations, offers for software updates and other malicious “phishing” material intended to steal passwords and personal information.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Advertising Phishing Cryptocurrency

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

Security Affairs

MAY 20, 2020

Early last year, it caught the attention of global cybersecurity experts by posting on one of the forums the sale of a database with 773 million e-mail addresses and 21 million unique passwords.” It has been estimated that the man amassed billions of unique username-password combinations. Pierluigi Paganini.

Cybercrime

Cybercrime Passwords Advertising Hacking

Beapy Cryptojacking campaign leverages EternalBlue exploit to spread

Security Affairs

APRIL 26, 2019

Security experts at Symantec have uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit to spread a cryptocurrency malware on enterprise networks in Asia. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. “ Beapy ( W32.Beapy

Cryptocurrency

Cryptocurrency Malware Advertising Phishing

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Use Strong Passwords. Most people are comfortable with the default password of their internet connecting device and assume it to be secure. In reality, default passwords are the easiest to decode and are more vulnerable to theft than the customized ones. It is recommended to keep changing your device password every now and then.

Hacking

Hacking VPN Internet Internet

A flaw in MySQL could allow rogue servers to steal files from clients

Security Affairs

JANUARY 21, 2019

The attackers coul d exploit the flaw to steal cryptocurrency wallets and SSH keys , According to the researchers Willem de Groot , the cybercrime gang known as Magecart exploited the flaw to inject into shopping sites software skimmer in the October 2018 attacks. . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Advertising Cryptocurrency Cybercrime

Ukraine Nabs Suspect in 773M Password ?Megabreach?

An Interview With the Target & Home Depot Hacker

Trending Sources

Hackers stole €1.2m worth of cryptocurrency from 2gether

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Happy 13th Birthday, KrebsOnSecurity!

Poloniex forces password reset following a data leak

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Cryptocurrency Platform Atlas Quantum hacked, 260k users impacted

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

New MrbMiner malware infected thousands of MSSQL DBs

Modular Cryptojacking malware uses worm abilities to spread

Prometei, a new modular crypto-mining botnet exploits Windows SMB

STOP ransomware encrypts files and steals victim’s data

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Phone Company Insiders Helped Global Sim-Swapping Gang Steal Millions in Cryptocurrency

Crooks use weaponized coronavirus map to deliver malware

Raccoon Malware, a success case in the cybercrime ecosystem

Experts reported the hack of several supercomputers across Europe

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

FBI shuts down the Russian-based hacker platform DEER.IO

North Korea-linked Lazarus APT targets the COVID-19 research

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

Malware campaign uses multiple propagation methods, including EternalBlue

Evolution of threat landscape for IoT devices – H1 2018

Bitcoin scammers phish for wallet recovery codes on Twitter

Proposed government Coronavirus contact tracing app leaked data

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs newsletter Round 260

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Masad Stealer Malware exfiltrates data via Telegram

Upcoming Ukraine elections in the crosshairs of hackers

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

Beapy Cryptojacking campaign leverages EternalBlue exploit to spread

5 Ways to Protect Yourself from IP Address Hacking

A flaw in MySQL could allow rogue servers to steal files from clients

Stay Connected