Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Victim losses range from $0.10

Scams 83

Scams Media Cryptocurrency Cybercrime 83

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 139

Cryptocurrency Firmware Malware Threat Detection 139

Krebs on Security

NOVEMBER 9, 2024

Matt Donahue is the former FBI agent who founded Kodex in 2021. Donahue said 60 technology companies are now routing all law enforcement data requests through Kodex, including an increasing number of financial institutions and cryptocurrency platforms. dot-gov emails get hacked.

Hacking 278

Hacking Accountability Government Social Engineering 278

Security Affairs

JANUARY 12, 2022

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. 2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91 2021-12-05 12:06:03 2021-12-05 13:19:35 149.154.167.91

Malware 145

Malware Manufacturing Cryptocurrency Cybercrime 145

Security Affairs

NOVEMBER 1, 2021

Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 The following graph shows that the cryptocurrency peaked at a price of $2,861 before dropping to $0 around. ” reported GixModo.

Cryptocurrency 138

Cryptocurrency Scams Cybercrime Advertising 138

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. WeSteal is a Python-based malware that uses regular expressions to search for strings related to wallet addresses that victims have copied to their clipboard. There is the name of the malware itself.

Cryptocurrency 115

Cryptocurrency Malware Advertising System Administration 115

Security Affairs

APRIL 3, 2021

Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. link] pic.twitter.com/zugl7mFK0K — Justin Perdok (@JustinPerdok) April 2, 2021. pic.twitter.com/5twTjuL2vK — Justin Perdok (@JustinPerdok) April 2, 2021.

Cryptocurrency 143

Cryptocurrency Accountability Software Engineering 143

SecureList

JANUARY 13, 2022

The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. Malware infection.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

Security Affairs

JUNE 22, 2021

DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

DNS 145

DNS Internet Internet Malware 145

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 98

Malware Banking Penetration Testing Healthcare 98

SecureList

MARCH 3, 2022

2021 is the second year we have spent living and working in the pandemic. By 2021 everyone got used to pandemic limitations – industrial organization employees and IT security professionals and threat actors. If we compare the numbers from 2020 and 2021, we see that 2021 looks more stable, particularly in H2. Ransomware.

Spyware 130

Spyware Ransomware Cryptocurrency Phishing 130

CyberSecurity Insiders

DECEMBER 28, 2021

All those using cryptocurrency wallets, you better be aware of this crypto scam that is being spread through Telegram. Information is out that some hackers in the name of ‘Smokes Night’ are stealing cryptocurrency from the users’ wallets by spreading Echelon Malware on Telegram.

Malware 130

Malware Cryptocurrency Scams Mobile 130

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. The malicious code can also act as a first-stage malware.

Accountability 145

Accountability Malware Data breaches Passwords 145

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? Microsoft confirmed the attacks against the Exchange servers that aimed at stealing emails and install malware to gain persistence in the target networks.

Cyber Attacks 140

Cyber Attacks Ransomware Hacking Insurance 140

Security Affairs

APRIL 19, 2021

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips.

Malware 137

Malware Cryptocurrency Architecture Engineering 137

CyberSecurity Insiders

AUGUST 18, 2021

SonicWall Cyber Threat report has confirmed that the year 2021 witnessed a record number of ransomware attacks in just 6 months, taking the number to 304.3 Coming to the ransomware spread statistics, SonicWall observed that June 2021 alone witnessed over 78.4 The post Year 2021 witnesses over 304.7 million ransomware attacks.

Ransomware 133

Ransomware Cryptocurrency Cyber threats Threat Reports 133

Security Affairs

OCTOBER 4, 2024

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. ” reads the report.

Malware 134

Malware Cryptocurrency Encryption Software 134

SecureList

SEPTEMBER 9, 2021

The H1 2021 ICS threat report at a glance. During the first half of 2021 (H1 2021), the percentage of attacked ICS computers was 8% , which was 0.4 Top 15 countries and territories with the largest percentages of ICS computers on which malicious objects were blocked in H1 2021 ( download ). percentage points (p.p.)

Spyware 136

Spyware Media Internet Internet 136

Security Affairs

SEPTEMBER 3, 2021

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. . US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend.

Authentication 133

Authentication Cryptocurrency Hacking Government 133

Security Affairs

SEPTEMBER 7, 2022

A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices. Researchers from AT&T Alien Labs discovered a new piece of stealthy Linux malware, dubbed Shikitega, that targets endpoints and IoT devices. ” reads the analysis published by AT&T Alien Labs.

Malware 136

Malware IoT Cryptocurrency Engineering 136

Security Affairs

SEPTEMBER 30, 2021

Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. At the end of August, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product. ActionRequired patch immediately!

Cryptocurrency 114

Cryptocurrency Authentication Malware Marketing 114

SecureList

AUGUST 23, 2021

billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. billion to $120 billion of the revenue in 2021, which is more than half of the estimated gaming industry value. billion in the first half of 2021. billion in the first half of 2021.

Mobile 139

Mobile Adware Malware Phishing 139

CyberSecurity Insiders

MARCH 10, 2022

But here’s a news piece that gives details of a ransomware group that paid $6 million in salaries last year and even tried to develop its cryptocurrency. Please note that the above-stated details were divulged by a malware analysis company VX-Underground after analyzing a leaked chat from a Ukrainian researcher working on a Russian project.

Cryptocurrency 119

Cryptocurrency Ransomware Banking Hacking 119

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 135

Malware Internet Internet DDOS 135

Security Boulevard

MAY 11, 2022

With more people looking to cash in on hype surrounding the cryptocurrency market than ever before and an increasing digital workforce which may lack awareness of network security set-ups, cybercriminal activity remains rampant. The post Which phishing scams are trending in 2022? appeared first on Security Boulevard.

Scams 145

Scams Phishing Cryptocurrency Marketing 145

The Hacker News

JANUARY 10, 2022

New research into the infrastructure behind an emerging DDoS botnet named Abcbot has uncovered links with a cryptocurrency-mining botnet attack that came to light in December 2020.

DDOS 140

DDOS Cryptocurrency Malware 140

Security Affairs

DECEMBER 17, 2021

Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns , crypto-jacking, cryptocurrency clipping (substituting the original wallet address saved in the clipboard with the attacker’s wallet address during a transaction) and ransomware attacks in the past.

Cryptocurrency 126

Cryptocurrency Cybercrime Malware Hacking 126

Security Affairs

APRIL 3, 2025

” Kidflix, launched in 2021, rapidly became a major CSAM platform, generating huge profits. Unlike other platforms, Kidflix allowed streaming and used cryptocurrency-based payments. Users made payments using cryptocurrencies, which were subsequently converted into tokens. The investigation is ongoing.”

Cryptocurrency 98

Cryptocurrency Cybercrime Hacking Information Security 98

Security Affairs

JANUARY 28, 2021

Researchers at the Italian CERT warns of new Android malware dubbed Oscorp that abuses accessibility services for malicious purposes. Researchers from security firm AddressIntel spotted a new Android malware dubbed Oscorp , its name comes from the title of the login page of its command-and-control server. Stealing cryptocurrency.

Malware 130

Malware Phishing InfoSec Cryptocurrency 130

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. What else do we know about the cause of these incidents?

Hacking 324

Hacking Social Engineering Phishing Scams 324

Heimadal Security

FEBRUARY 2, 2023

Since September 2021, over a thousand vulnerable Redis servers online have been infected by a stealthy malware dubbed “HeadCrab”, designed to build a botnet that mines Monero cryptocurrency.

Malware 105

Malware Cryptocurrency Cybersecurity 105

Threatpost

APRIL 30, 2021

The developer of the WeSteal cryptocurrency stealer can’t be bothered with fancy talk: they say flat-out that it’s “the leading way to make money in 2021”.

Cryptocurrency 104

Cryptocurrency Malware Hacking 104

Bleeping Computer

FEBRUARY 1, 2023

New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet that mines for Monero cryptocurrency. [.]

Malware 102

Malware Cryptocurrency 102

Security Affairs

NOVEMBER 19, 2021

North Korea-linked TA406 APT group has intensified its attacks in 2021, particularly credential harvesting campaigns. A report published by Proofpoint revealed that the North Korea-linked TA406 APT group ( Kimsuky , Thallium , and Konni , Black Banshee, Velvet Chollima) has intensified its operations in 2021. ” reads the report.

Cryptocurrency 102

Cryptocurrency Malware Government Education 102

Security Affairs

NOVEMBER 19, 2024

Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates. Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

SecureList

MARCH 31, 2022

For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. We recently discovered a Trojanized DeFi application that was compiled in November 2021. This malware is a full-featured backdoor containing sufficient capabilities to control the compromised victim.

Malware 145

Malware Encryption Cryptocurrency Architecture 145