Security Affairs

FEBRUARY 24, 2023

Researchers warn of an evasive cryptojacking malware targeting macOS which spreads through pirated applications Jamf Threat Labs researchers reported that an evasive cryptojacking malware targeting macOS was spotted spreading under the guise of the Apple-developed video editing software, Final Cut Pro. ” concludes the report.

Cryptocurrency 98

Cryptocurrency Malware Software Passwords 98

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers.

Ransomware 303

Ransomware Cybercrime Accountability Malware 303

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. The hackers used fake collaboration opportunities (i.e.

Accountability 144

Accountability Malware Phishing Social Engineering 144

Security Affairs

JANUARY 9, 2020

In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges.

Cryptocurrency 93

Cryptocurrency Malware Advertising Encryption 93

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime 129

Cybercrime Malware Cryptocurrency Advertising 129

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq If you look at the dynamics of attacks on mobile users in 2020, you will see that the average monthly number of attacks decreased by 865,000 compared to 2019. Number of attacks on mobile users in 2019 and 2020 ( download ). apk , tousanticovid.apk , covidMappia_v1.0.3.apk

Mobile 145

Mobile Malware Adware Banking 145

Security Affairs

NOVEMBER 19, 2024

Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates. Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024.

Cybercrime 113

Cybercrime Ransomware Healthcare Education 113

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA.

Marketing 307

Marketing Energy and Utilities Malware Ransomware 307

eSecurity Planet

JULY 27, 2021

The LemonDuck malware that for the past couple of years has been known for its cryptocurrency mining and botnet capabilities is evolving into a much broader threat, moving into new areas of cyber attacks, targeting both Linux and Microsoft systems and expanding its geographical reach, according to security researchers with Microsoft.

Malware 144

Malware Risk Cryptocurrency Ransomware 144

Security Affairs

MARCH 1, 2023

Experts warn of a new wave of attacks against cryptocurrency entities, threat actors are using a RAT dubbed Parallax RAT for Infiltration. Researchers from cybersecurity firm Uptycs warns of attacks targeting cryptocurrency organizations with the Parallax remote access Trojan (RAT).

Cryptocurrency 98

Cryptocurrency Malware Phishing Hacking 98

Krebs on Security

NOVEMBER 5, 2024

WAIFU A careful study of Judische’s postings on Telegram and Discord since 2019 shows this user is more widely known under the nickname “ Waifu ,” a moniker that corresponds to one of the more accomplished “SIM swappers” in the English-language cybercrime community over the years. CRACKDOWN ON HARM GROUPS?

Cybercrime 280

Cybercrime Mobile Media Hacking 280

SecureList

JUNE 5, 2023

Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom.

Cryptocurrency 113

Cryptocurrency DNS Malware Encryption 113

Security Affairs

DECEMBER 20, 2024

The US Department of Justice sentenced the Ukrainian national Mark Sokolovsky (28) for his role in the distribution of the Raccoon Infostealer malware. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Cryptocurrency 61

Cryptocurrency Identity Theft Cybercrime Malware 61

SC Magazine

JANUARY 28, 2021

A piece of cryptojacking malware with a penchant for targeting the cloud has gotten some updates that makes it easier to spread and harder for organizations to detect when their cloud applications have been commandeered. First, it compresses the malware inside the binary code using, only extracting and executing during the binary process.

Malware 141

Malware Media Software Cryptocurrency 141

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan. Coinbase, BitPay, and Coinbase), and banks (i.e.

Malware 127

Malware Banking Mobile Advertising 127

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users of a large e-commerce platform in Latin America with malware tracked as Chaes.

Phishing 131

Phishing Malware Cryptocurrency Information Security 131

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. ” reads the post published by Sophos.

Malware 145

Malware Passwords Authentication Internet 145

Security Affairs

MARCH 14, 2025

The dual Russian-Israeli national was arrested in Israel in 2024 and faces charges related to his role in the ransomware operation The man is accused of being a LockBit ransomware developer from 2019 through at least February 2024. Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024.

Ransomware 63

Ransomware Cryptocurrency Small Business Malware 63

Malwarebytes

MAY 16, 2022

2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs (PUPs). Detections of malware on Windows business machines were 143% higher in 2021 than in 2020, and 65% higher on consumer machines. Windows malware detection totals 2019-2021.

Malware 96

Malware Adware Cryptocurrency Cybercrime 96

Krebs on Security

DECEMBER 8, 2021

Also known as “ Mariposa ,” ButterFly was a plug-and-play malware strain that allowed even the most novice of would-be cybercriminals to set up a global operation capable of harvesting data from thousands of infected PCs, and using the enslaved systems for crippling attacks on Web sites. ” The U.S.

Cybercrime 336

Cybercrime Ransomware Accountability Advertising 336

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. 6 in Miami, Fla.

Cybercrime 356

Cybercrime Ransomware Passwords Banking 356

Security Affairs

DECEMBER 13, 2020

Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. Security researchers from Palo Alto Networks have discovered a new botnet, tracked as PgMiner, that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner.

Hacking 145

Hacking Cryptocurrency Passwords Authentication 145

Security Affairs

DECEMBER 21, 2024

The NetWalker ransomware group has been active since 2019, it was operating using the Ransomware-as-a-Service (RaaS) model. in cryptocurrency obtained from ransom payments. .” Romanian authorities arrested Daniel Hulea on July 11, 2023, in Cluj, and extradited him to the U.S. under the U.S.-Romania Romania extradition treaty.

Ransomware 106

Ransomware Healthcare Government Cryptocurrency 106

SecureList

MARCH 31, 2021

A few Brazilian malware families expanded their operations to other continents, targeting victims in Europe and Asia. Even though, in 2020, we have seen ever more sophisticated cyberattacks, the overall statistics look encouraging: the number of users hit by computer and mobile malware declines, so does financial phishing. Methodology.

Banking 144

Banking Phishing Malware Mobile 144

SecureList

FEBRUARY 23, 2022

SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4% Emotet (9.3%), described by Europol as “the world’s most dangerous malware”, underwent a drop of five percentage points between 2020 and 2021.This

Banking 140

Banking Phishing Cryptocurrency Malware 140

Security Affairs

AUGUST 18, 2020

Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities.

Cryptocurrency 140

Cryptocurrency Computers and Electronics Cybercrime Digital transformation 140

Security Affairs

APRIL 1, 2020

Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients).

Malware 127

Malware Cryptocurrency Advertising Hacking 127

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers.

Cryptocurrency 295

Cryptocurrency Cybercrime Computers and Electronics Scams 295

Security Affairs

FEBRUARY 2, 2021

ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed a new piece of malware, dubbed Kobalos, that was employed in attacks against high-performance computing clusters (HPC). ” reads the analysis published by ESET.

Malware 111

Malware Internet Internet Cryptocurrency 111

The Last Watchdog

MAY 8, 2019

And earlier this year, three popular “ selfie beauty apps ”– Pro Selfie Beauty Camera, Selfie Beauty Camera Pro and Pretty Beauty Camera 2019 – accessible in Google Play Store were revealed to actually be tools to spread adware and spyware. We automatically classify and categorize every strain of malware. Currently we have almost 6.5

Adware 176

Adware Spyware Mobile Banking 176

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? ” reads the report p ublished by TrapX.”First,

Manufacturing 145

Manufacturing IoT Malware Cryptocurrency 145

Penetration Testing

JANUARY 11, 2024

A Linux-based malware family, DreamBus has been quietly evolving, honing its capabilities to exploit vulnerabilities in business applications. DreamBus, initially identified in early 2019, has... The post DreamBus: The Linux-Based Malware Targeting Business Applications appeared first on Penetration Testing.

Malware 95

Malware Penetration Testing Cryptocurrency 95

Security Affairs

JUNE 15, 2020

Black Kingdom ransomware operators are targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. The CVE-2019-11510 flaw in Pulse Connect Secure is a critical arbitrary file read vulnerability. The vulnerability was addressed in April 2019, but many organizations delayed updating their servers.

VPN 138

VPN Ransomware Advertising Encryption 138

Security Affairs

AUGUST 30, 2020

The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns conducted by North Korea-linked APT groups against two cryptocurrency exchanges. In the second attack, threat actors stole $2.5

Cryptocurrency 125

Cryptocurrency Hacking Advertising Accountability 125

Security Affairs

APRIL 5, 2019

A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB , an offspring of the original Gozi which source code was leaked in 2014. Ursnif/Gozi is active from over a decade and was one of the most active malware listed in 2017 and 2018.

Banking 109

Banking Malware Cryptocurrency Advertising 109

Security Affairs

JULY 6, 2020

In the past, the APT targeted banks and cryptocurrency exchanges , according to the experts the overall operations allowed the group to earn $2 billion. Sansec believes that North Korean state sponsored actors have engaged in large scale digital skimming activity since at least May 2019.” ” concludes the researchers.

Retail 135

Retail Advertising Malware Hacking 135