technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus. According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees.
The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking have become increasingly sophisticated and can result in enormous losses.
The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.
Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.
For example, in its most recent transparency report (PDF) Verizon said it received more than 127,000 law enforcement demands for customer data in the second half of 2023 — including more than 36,000 EDRs — and that the company provided records in response to approximately 90 percent of requests. dot-gov emails get hacked.
— and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. One of the more popular SIM-swapping channels on Telegram maintains a frequently updated leaderboard of the most accomplished SIM-swappers, indexed by their supposed conquests in stealing cryptocurrency. In January 2024, U.S.
A significant share of scam, phishing and malware attacks is about money. Methodology: In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.
Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7
Phishing Remains Top Tactic, Fueled by Teams Abuse. Figure 1: Top attack techniques in true-positive customer incidents for finance & insurance sector, H2 2024 vs H2 2023. Phishing dominated cyber attacks in H2 2024, accounting for over 90% of incidents across industries due to its simplicity and effectiveness.
Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly, a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. capital).
At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday.
The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.
authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S. technology companies during the summer of 2022.
Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” A phishing message targeting FTX users that went out en masse today.
The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network, Compound Finance, Pendle Finance, and Unstoppable Domains. Squarespace has not responded to a request for comment, nor has it issued a statement about the attacks.
What cyberthreats for business will be the greatest in 2023? The ongoing geopolitical storm brings not only classical cyberthreats for business, but also unpredictable risks and ‘black swans’. The main problem for 2023 will be supply-chain stability and cybersecurity. Threat modeling approaches will be changed in 2023.
Some time later, the user received a phishing link to download malware disguised as a shipment tracking app. The phishing link as seen in the chat with the fraudsters: Your order has shipped. The scammers employed phishing websites to spread malicious mods of the legitimate app NFCGate. 1 Trojan.AndroidOS.Triada.ga
In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks.
The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploiting the WinRAR zero-day vulnerability tracked as CVE-2023-38831. ” reads the report published by NSFOCUS.
If you’re a user of the Gemini cryptocurrency exchange, it’s time to be on your guard against phishing attacks. Gemini is now offering security advice and tips to guard against phishing attacks for anyone contained in the data. Breaches in cryptocurrency land are always a major issue.
QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. Source: Reliaquest.com. ” The DOJ said it also recovered more than 6.5
Some info stealers don't even require an additional step: they can take cryptocurrency directly from a victim's online accounts. That means that, for instance, ransomware that works on a Windows laptop doesn't automatically work on a Mac laptop, and likewise, a phishing app developed for Android devices doesn't work on iPhones.
Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself.
A look ahead to 2023: we can expect to see changes in MFA, continued hacktivism from non-state actors, CISOs lean in on more proactive security and crypto-jackers will get more savvy. The hijacking of computer resources to mine cryptocurrencies is one of the fastest growing types of cyber-threats globally.
I will also continue to post on LinkedIn about new stories in 2023. You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers.
A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponders what to expect in 2023. Cryptocurrency targeted attacks. Analysis of forecasts for 2022. Rise and consolidation of information stealers.
The group’s affiliates gain access to victims using phishing campaigns to steal credentials and exploiting unpatched software vulnerabilities. Notably, they target CVE-2024-1709 (ScreenConnect authentication bypass) and CVE-2023-48788 (Fortinet EMS SQL injection) to infiltrate systems.
Analysis of samples exploiting CVE-2023-23397 vulnerability On March 14, Microsoft reported a critical Elevation of Privilege (EoP) vulnerability (CVE-2023-23397) in the Outlook client. This feature bypass vulnerability (CVE-2023-29324) was itself patched in May. The end result is the DarkGate loader.
A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.”
Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. Multiple threat actors have conducted campaigns since December 2023 that use the CLINKSINK drainer to steal funds and tokens from Solana (SOL) cryptocurrency users.
Palo Alto Networks’s Unit 42 first observed the malware in November 2023 reporting that it has been advertised on the hacking forum Hackforums since April 30, 2023. The attack spotted by the researchers used phishing messages posing as Abu Dhabi National Oil Company (ADNOC). net on 2023-04-30.
IT threat evolution Q1 2023 IT threat evolution Q1 2023. Non-mobile statistics IT threat evolution Q1 2023. Quarterly figures According to Kaspersky Security Network, in Q1 2023: 4,948,522 mobile malware, adware and riskware attacks were blocked. million attacks in Q1 2023. and Trojan.AndroidOS.Adinstall.l.
A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia.
Mobile statistics. Targeted attacks: BlueNoroff introduces new methods bypassing MotW. At the close of 2022, we reported the recent activities of BlueNoroff, a financially motivated threat actor known for stealing cryptocurrency. However, in the recent campaign, the attackers used a Trojanized version of the Tor Browser to steal cryptocurrency.
Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver the Phemedrone info stealer. Trend Micro researchers uncovered a malware campaign exploiting the vulnerability CVE-2023-36025 (CVSS score 8.8) ” The malicious URL files exploiting CVE-2023-36025 reference Discord or other cloud services.
Angry Likho (referred to as Sticky Werewolf by some vendors) is an APT group we’ve been monitoring since 2023. Technical details. Initial attack vector: The initial attack vector used by Angry Likho consists of standardized spear-phishing emails with various attachments.
The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. The group is also suspected to have recently stolen $31 million from the professional global cryptocurrency exchange CoinEx. ” states Elliptic.
An advisory from the company states that a "highly sophisticated" SIM swapping attack targeted one of Kroll's employees, resulting in unauthorized access to personal information related to bankruptcy claimants associated with cryptocurrency firms FTX, BlockFi, and Genesis.
The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year. Let’s take a look at what the payment numbers look like so far in 2024.
IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus, a backdoor attributed to the Lazarus.
GokuMarket, a cryptocurrency exchange, was recently acquired by Canada-based crypto exchange ByteX. GokuMarket’s exposed database was discovered in October 2023 and secured the next day after researchers sent a responsible disclosure note.
Reptile Rootkit employed in attacks against Linux systems in South Korea; New PaperCut flaw in print management software exposes servers to RCE attacks; A cyberattack impacted operations of multiple hospitals in several US states; Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016; Malicious packages in (..)
Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto Network Unit 42 discovered a previously unreported phishing campaign that distributed a Python variant of the NodeStealer. ” reads the analysis published by Palo Alto Networks.