Malwarebytes

FEBRUARY 12, 2021

Threat actors involved in tech support scams have been running a browser locker campaign from November 2020 until February 2021 on the world’s largest adult platforms including PornHub. On May 21 2020, the threat actor registered the domain name sassysenssations[.]com com which belongs to a legitimate business.

Scams 100

Scams Advertising Spyware Mobile 100

SecureList

NOVEMBER 18, 2022

In late August 2020, we published an overview of DeathStalker and its activities, including the Janicab, Evilnum and PowerSing campaigns. Meanwhile, in August 2020, we also released a private report on VileRAT for our threat intelligence customers. The group delivers its malware using social engineering.

Malware 122

Malware Computers and Electronics Adware Cryptocurrency 122

Security Boulevard

AUGUST 6, 2024

In data analyzed in the 2020 paper Dark Matter: Uncovering the DarkComet RAT Ecosystem , Turkey is identified as the country with the highest number of DarkComet C2 deployments. Social Engineering: Attackers may use various social engineering techniques to convince victims to run the malware.

DNS 69

DNS Malware Social Engineering Software 69

SecureList

NOVEMBER 1, 2022

In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. The spyware itself collects various data from the victims’ devices, such as call logs or lists of contacts. We discovered a previously unknown backdoor in active use since at least December 2020. Final thoughts.

Malware 145

Malware Ransomware Spyware Encryption 145

SecureList

NOVEMBER 22, 2022

In the scramble for cryptocurrency investment opportunities, we believe that cybercriminals will take advantage of fabricating and selling rogue devices with backdoors, followed by social engineering campaigns and other methods to steal victims’ financial assets. Mobile banking Trojans on the rise.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

Hacker's King

OCTOBER 3, 2024

WhatsApp Pegasus Spyware Attack (2019) One of the most famous zero-day exploits happened on WhatsApp in 2019. Hackers discovered a vulnerability in WhatsApp’s call feature, allowing them to install spyware on phones without the user’s knowledge. Even if the user didn’t answer the call, spyware called Pegasus was installed.

Media 52

Media Spyware Accountability Marketing 52

ForAllSecure

APRIL 26, 2023

Common Types of Cyber Attacks Common techniques that criminal hackers use to penetrate systems include social engineering, password attacks, malware, and exploitation of software vulnerabilities. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.”

Social Engineering 40

Social Engineering Passwords Engineering Software 40

Herjavec Group

AUGUST 26, 2021

1970-1995 — Kevin Mitnick — Beginning in 1970, Kevin Mitnick penetrates some of the most highly-guarded networks in the world, including Nokia and Motorola, using elaborate social engineering schemes, tricking insiders into handing over codes and passwords, and using the codes to access internal computer systems.

Cybercrime 135

Cybercrime Computers and Electronics Hacking Banking 135

SecureList

JULY 27, 2023

Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.

Malware 98

Malware Government Phishing Social Engineering 98

SecureList

NOVEMBER 14, 2023

The threat actor used news about the Russo-Ukrainian conflict to trick targets into opening harmful emails that exploited the vulnerabilities (CVE-2020-35730, CVE-2020-12641 and CVE-2021-44026). This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware.

Hacking 141

Hacking Energy and Utilities Media Malware 141

eSecurity Planet

FEBRUARY 16, 2021

Additional features of botnets include spam, ad and click fraud, and spyware. With over 600,000 devices, this botnet exposed just how vulnerable IoT devices could be and led to the IoT Cybersecurity Improvement Act of 2020. A strain of keylogger malware dubbed LokiBot notably increased in 2020. Phishing and Social Engineering.

Malware 105

Malware Adware Spyware Antivirus 105

SecureList

OCTOBER 26, 2021

ReconHellcat is a little-known threat actor that was spotted publicly in 2020. During 2020 and 2021, we detected a new ShadowPad loader module, dubbed ShadowShredder, used against critical infrastructure across multiple countries, including but not limited to India, China, Canada, Afghanistan and Ukraine.

Malware 145

Malware Government Surveillance Spyware 145

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. Don’t worry though. Common types. Ransomware. Ransomware.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

CyberSecurity Insiders

JANUARY 31, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. Don’t worry though. Common Types of Malware. Ransomware.

Malware 107

Malware Computers and Electronics Adware Spyware 107

SecureList

NOVEMBER 10, 2021

In fact, time spent streaming increased by almost 75% in 2020. In 2021, demand for video streaming has remained strong, and the global video streaming market is still growing, albeit slower than in 2020, and is expected to continue growing for the next few years.

Phishing 126

Phishing Accountability Malware Adware 126

SecureList

NOVEMBER 17, 2021

In 2020, we predicted that governments would adopt a “name and shame” strategy to draw attention to the activities of hostile APT groups, a trend that has evolved even more in the last year. The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware.

Mobile 145

Mobile Surveillance Ransomware Government 145

SecureList

AUGUST 5, 2021

A look at the data by month shows that, having troughed in March (45.10%), the share of spam in global mail traffic rose slightly in April (45.29%), with further jumps in May (46.35%) and June (48.03%), which is comparable to Q4 2020. Source of spam by country. Russia (26.07%) is still in first place, its share having increased by 3.6

Phishing 134

Phishing Banking Scams Computers and Electronics 134

SecureList

FEBRUARY 16, 2023

Attackers actively used social engineering techniques in their emails, adding signatures with logos and information from specific organizations, creating a context appropriate to the company’s profile, and applying business language. In 2022, we saw an evolution of malicious emails masquerading as business correspondence.

Phishing 117

Phishing Scams Accountability Energy and Utilities 117

SecureList

FEBRUARY 9, 2022

Like in 2020, the most spam in 2021 came from Russia (24.77%), whose share rose by 3.5 compared to 2020. Spain (3.00%) and Brazil (2.41%) also swapped places, and the top ten was rounded out by the same two countries as 2020, Japan (2,36%) and Poland (1.66%). up on 2020. Source of spam by country or region.

Phishing 105

Phishing Scams Accountability Banking 105