SecureList

FEBRUARY 16, 2021

In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. While the resource was down, cryptocurrency newbies were invited to download a copy of Bitcoin Core via a torrenting service. Overall, Q4 remained within the parameters of 2020 trends.

DDOS 145

DDOS Cryptocurrency Marketing Internet 145

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 142

Cryptocurrency Cybercrime Media Government 142

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 327

Hacking Social Engineering Phishing Scams 327

Security Affairs

SEPTEMBER 10, 2020

Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 — ETERBASE (@ETERBASE) September 8, 2020.

Cryptocurrency 144

Cryptocurrency Data breaches Advertising Hacking 144

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

SecureList

JANUARY 13, 2022

The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. Malware infection.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.

Malware 143

Malware Advertising Government Cryptocurrency 143

Security Affairs

APRIL 3, 2021

Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. Such kind of attacks was reported at least since the end of 2020, when some software developers reported the malicious activity on their repositories. Pierluigi Paganini.

Cryptocurrency 143

Cryptocurrency Accountability Software Engineering 143

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. WeSteal is a Python-based malware that uses regular expressions to search for strings related to wallet addresses that victims have copied to their clipboard. There is the name of the malware itself.

Cryptocurrency 116

Cryptocurrency Malware Advertising System Administration 116

Security Affairs

AUGUST 19, 2020

Researchers spotted a new sophisticated peer-to-peer (P2P) botnet, dubbed FritzFrog, that has been actively targeting SSH servers since January 2020. FritzFrog is a new sophisticated botnet that has been actively targeting SSH servers worldwide since January 2020. and Europe belonging to universities and a railway company.

Cryptocurrency 145

Cryptocurrency Malware Advertising Encryption 145

SecureList

AUGUST 23, 2021

billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. We examined malware and unwanted software disguised as popular PC and mobile games. We also looked in greater detail at some of the strains of malware being distributed and the dangers they pose for users.

Mobile 140

Mobile Adware Malware Phishing 140

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 330

Malware Software Technology Accountability 330

Hot for Security

JUNE 17, 2021

At the time we warned users of the hardware cryptocurrency wallet to watch out for phishing scams that might attempt to steal users’ credentials. We believe this to be the contents of our e-commerce database from June 2020. We were informed about the dump of the content of a Ledger customer database on Raidforum.

Cryptocurrency 145

Cryptocurrency Data breaches Scams Phishing 145

Security Affairs

FEBRUARY 28, 2021

The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. According to the local news site Stuff , a creditor, U.S.

Cryptocurrency 119

Cryptocurrency Hacking Cyber Attacks Accountability 119

The Hacker News

APRIL 19, 2021

A Mac malware campaign targeting Xcode developers has been retooled to add support for Apple's new M1 chips and expand its features to steal confidential information from cryptocurrency apps. The malware repackages payload

Malware 126

Malware Cryptocurrency 126

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware 137

Malware Advertising Cryptocurrency Cybercrime 137

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. Data that emerged from the report are worrisome, in 2020 the reported losses exceeded $4.2 ” reads 2020 Internet Crime Report. billion in losses.

Internet 121

Internet Internet Scams Identity Theft 121

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 135

Malware Internet Internet DDOS 135

Heimadal Security

APRIL 5, 2021

Software developers have reported a series of malicious activities on their repositories, having the end purpose of mining cryptocurrency. The attacks have been happening since November 2020, the first report being made by a French software engineer.

Cryptocurrency 101

Cryptocurrency Engineering Software Malware 101

The Hacker News

FEBRUARY 16, 2022

The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., TrickBot is a sophisticated and versatile malware with more than 20 modules that can be downloaded and executed on demand," Check Point researchers Aliaksandr

Malware 100

Malware Cryptocurrency Technology 100

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Security Affairs

APRIL 19, 2021

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips.

Malware 138

Malware Cryptocurrency Architecture Engineering 138

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware 144

Malware Advertising Passwords Cryptocurrency 144

The Hacker News

JANUARY 10, 2022

New research into the infrastructure behind an emerging DDoS botnet named Abcbot has uncovered links with a cryptocurrency-mining botnet attack that came to light in December 2020.

DDOS 138

DDOS Cryptocurrency Malware 138

Malwarebytes

APRIL 26, 2022

Rogue Google ads caused no end of misery for cryptocurrency enthusiasts, costing them roughly $4.31 This is an astonishing slice of cryptocurrency cash to lose for the sake of clicking on something in a search engine. Here’s a mockup: pic.twitter.com/aM9UAbSKtv — Google SearchLiaison (@searchliaison) January 13, 2020.

Cryptocurrency 129

Cryptocurrency Phishing Engineering Mobile 129

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. The malicious code can also act as a first-stage malware.

Accountability 145

Accountability Malware Data breaches Passwords 145

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Penetration Testing

FEBRUARY 15, 2024

Spynote is a Remote Access Trojan that originated in 2020. Since then, it has developed to be one of the most widespread families of malware for Android, with many samples, integration of other RATs... The post SpyNote RAT Evolves: Targets Your Cryptocurrency Wallet appeared first on Penetration Testing.

Cryptocurrency 88

Cryptocurrency Penetration Testing Malware 88

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. ” reads the post published by Sophos.

Malware 145

Malware Passwords Authentication Internet 145

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. billion euros in 2020 alone. energy facilities.

Marketing 304

Marketing Energy and Utilities Malware Ransomware 304

Security Affairs

APRIL 4, 2023

Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant. The products from multiple cybersecurity vendors started detecting the popular software as malware suggesting that the company has suffered a supply chain attack. The wirexpro[.]com

Cryptocurrency 98

Cryptocurrency Malware Software Manufacturing 98

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 303

Scams DDOS Cryptocurrency Accountability 303

Security Affairs

DECEMBER 20, 2024

The US Department of Justice sentenced the Ukrainian national Mark Sokolovsky (28) for his role in the distribution of the Raccoon Infostealer malware. In October 2020, the US Justice Department charged Sokolovsky with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. in restitution.”

Cryptocurrency 62

Cryptocurrency Cybercrime Identity Theft Malware 62

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. 6 in Miami, Fla.

Cybercrime 355

Cybercrime Ransomware Passwords Banking 355

SecureList

FEBRUARY 23, 2022

SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4% share in 2020 to the second most common in 2021 with 12.2%. The mass change in cybercriminals’ objectives and methods seen in 2020 continued in 2021.

Banking 140

Banking Phishing Cryptocurrency Malware 140

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan. Coinbase, BitPay, and Coinbase), and banks (i.e.

Malware 129

Malware Banking Mobile Advertising 129

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users of a large e-commerce platform in Latin America with malware tracked as Chaes.

Phishing 133

Phishing Malware Cryptocurrency Information Security 133