Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 237

Malware Antivirus Cybercrime Hacking 237

The Hacker News

AUGUST 15, 2023

A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023.

Cybercrime 90

Cybercrime Data collection Malware Software 90

SecureList

JUNE 15, 2023

Money is the root of all evil, including cybercrime. Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community.

Malware 140

Malware Ransomware Cybercrime Hacking 140

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. is cybercrime forum.

Malware 320

Malware Cybercrime Ransomware Marketing 320

SecureWorld News

AUGUST 16, 2023

Recent research conducted by Hudson Rock has shed light on the extensive compromise of computers and the exposure of hackers within cybercrime forums. Hudson Rock's research delved deep into the underbelly of the cyber world, focusing on the top 100 cybercrime forums.

Cybercrime 73

Cybercrime Passwords Data collection Data breaches 73

CyberSecurity Insiders

JANUARY 3, 2023

The use of “wiper” malware will proliferate, erasing data from government and critical infrastructure systems as well as mobile phones. Originally intended to help companies erase data from company devices – a security technology – wiper software has morphed into wiper malware.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware 130

Malware Cybercrime Banking Hacking 130

Security Affairs

SEPTEMBER 18, 2021

The group is suspected to have been running successful malware campaigns for more than five years. The attackers have used off-the-shelf malware since the beginning of their operations and have never developed their own malware. SecurityAffairs – hacking, malware). ” reads the analysis published by Cisco Talos.

Malware 124

Malware Phishing DNS Cybercrime 124

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. Nation-state hacking reduced the use of complex malware and appears to go towards low profile social engineering attacks.

Cyber threats 108

Cyber threats IoT Social Engineering Advertising 108

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. According to the U.S.

Cybercrime 240

Cybercrime Banking Small Business Accountability 240

The Security Ledger

APRIL 24, 2019

billion to Internet-enabled theft, fraud and exploitation in 2018, with business e-mail compromise scams resulting in the highest of these financial losses, according to the FBI’s Internet Crime Complaint Center (IC3). The post FBI: Cybercrime Accounted for $2.7B in Losses in 2018 appeared first on The Security Ledger.

Cybercrime 40

Cybercrime Accountability Scams Internet 40

Threatpost

MAY 10, 2019

Nigerian scam groups launched even more attacks in 2018 - and used more complex types of malware to reach more victims.

Cybercrime 72

Cybercrime Scams Malware Manufacturing 72

Security Affairs

JULY 25, 2022

Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites. Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads. Then the malware contacts the C2 and sends system information (i.e.

Software 132

Software Malware Cybercrime VPN 132

Malwarebytes

JUNE 8, 2021

Sometimes, it’s used even if an attack being discussed is a basic phish, or maybe some very generic malware. This isn’t a good thing when tackling malware developments. ” Have you ever stopped to consider “what, exactly, are we up against” when dealing with malware? However, TrickBot is a pretty formidable opponent.

Cybercrime 110

Cybercrime Malware Banking Phishing 110

Security Affairs

JULY 13, 2024

Ukrainian national Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID malware operations. DoJ sentenced the Ukrainian national Vyacheslav Igorevich Penchukov (37) to prison and ordered him to pay millions of dollars in restitution for his role in the Zeus and IcedID malware operations.

Cybercrime 128

Cybercrime Banking Malware Hacking 128

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Malware developers — no longer hiring.

Cybercrime 142

Cybercrime Banking Malware Ransomware 142

Security Affairs

SEPTEMBER 14, 2021

The network equipment maker MikroTik revealed that the routers were previously compromised in 2018. “As far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched.” ” reads a post published by MikroTik in a forum post.

DDOS 116

DDOS Firewall Passwords Internet 116

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. Over the period from 2009 to 2018, the threat actor defaced over 130 web pages. Original post at [link]. Pierluigi Paganini.

Cybercrime 104

Cybercrime Phishing Banking Telecommunications 104

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. In the background, the malware disables Windows Defender, EDR, and antivirus tools before dropping the ransomware payload. ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime 109

Cybercrime Ransomware Antivirus Malware 109

Security Affairs

OCTOBER 15, 2019

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past , has now using news tactics to evade detection. Pierluigi Paganini.

Cybercrime 91

Cybercrime DNS Malware Advertising 91

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Experts pointed out that the malware is being actively developed. LFI CVE-2018-16763 Fuel CMS 1.4.1 LFI CVE-2018-16763 Fuel CMS 1.4.1 The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware 145

Malware DDOS IoT Cybercrime 145

Security Affairs

JANUARY 18, 2019

First detailed in September 2018, the toolkit was observed delivering malware families ranging from ransomware to backdoors, but also fingerprinting the browser profile to identify targets of interest. Security researcher Kafeine identified that Fallout is now the second exploit kit to add CVE-2018-15982.”

Advertising 111

Advertising Ransomware Healthcare Malware 111

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. In 2018, global malware volume recorded by SonicWall hit a record-breaking 10.52 ” In 2018 Sonicwall had logged more than 2.8 ” In 2018 Sonicwall had logged more than 2.8

IoT 110

IoT Encryption Malware Advertising 110

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. The post Sophos linked Entropy ransomware to Dridex malware. ” reads a report published by Sophos. .

Ransomware 113

Ransomware Malware Cybercrime Banking 113

Security Affairs

NOVEMBER 9, 2022

Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads.

Malware 98

Malware Ransomware Cybercrime Phishing 98

SiteLock

AUGUST 27, 2021

Malware has infected roughly a third of the world’s computers , costing companies across the globe trillions of dollars each year. Unfortunately, this rise in cybercrime shows no signs of slowing down. In 2018 alone, we saw thousands of data breaches expose more than 446 million records. A Brief History of Malware.

Malware 98

Malware Small Business Computers and Electronics Adware 98

Security Affairs

MARCH 28, 2019

The recently patched vulnerability affecting the popular archiver utility WinRAR has been exploited to deliver new malware to targeted users. The vulnerability, tracked as CVE-2018-20250, was discovered by experts at Check Point in February, it could allow an attacker to gain control of the target system. Pierluigi Paganini.

Education 108

Education Malware Advertising Hacking 108

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. Pierluigi Paganini.

Banking 124

Banking Malware Manufacturing Business Services 124

Security Affairs

JANUARY 22, 2023

Roaming Mantis threat actors were observed using a new variant of their mobile malware Wroba to hijack DNS settings of Wi-Fi routers. Researchers from Kaspersky observed Roaming Mantis threat actors using an updated variant of their mobile malware Wroba to compromise Wi-Fi routers and hijack DNS settings. Agent.eq (a.k.a

DNS 98

DNS Mobile Malware Hacking 98

Security Affairs

SEPTEMBER 1, 2018

Security experts from Netscout’s ASERT uncovered a new campaign carried out by the Cobalt cybercrime group. The attacks were detected on August 13, 2018, experts revealed that the hackers targeted also the NS Bank in Russia and Carpatica/Patria in Romania. A weaponized Word document and a binary with a.jpg extension.

Cybercrime 77

Cybercrime Banking Phishing Advertising 77

Security Affairs

MARCH 22, 2019

The financially-motivated hacking group FIN7 is back and used a new piece of malware in a recent hacking campaign. Security experts at Flashpoint revealed that the financially-motivated cybercrime group FIN7 (aka Anunak and Carbanak ) used new malware in a recent hacking campaign. ” continues the analysis.

Malware 109

Malware Identity Theft Cybercrime Hacking 109

Security Affairs

DECEMBER 30, 2019

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. It will only serve to stifle global efforts to combat cybercrime.”

Cybercrime 93

Cybercrime Surveillance Spyware Government 93

Security Affairs

MARCH 19, 2019

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.

Banking 108

Banking Government Passwords Marketing 108

Security Affairs

AUGUST 1, 2020

A 30-year-old Moldovan man pleaded guilty this week for creating the FastPOS malware that infected PoS systems worldwide. The Moldovan citizen Valerian Chiochiu (30), aka Onassis, pleaded guilty on Friday for creating the infamous FastPOS Point-of-Sale (POS) malware. and infraud.ws. Pierluigi Paganini.

Malware 114

Malware Advertising Cybercrime Hacking 114

SecureList

OCTOBER 6, 2022

During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale (PoS) and ATM malware activity, as certain regions saw malicious transactions drop significantly. Perpetrators continue to spread already-existing, widely used malware to attack PoS terminals and ATMs.

Malware 128

Malware Banking Software Cybercrime 128

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 97

Artificial Intelligence Government Banking Advertising 97

Security Affairs

MAY 30, 2024

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework. The flaw resides in WebKit and impacts macOS version 10.13.3

Spyware 137

Spyware Malware Surveillance Mobile 137