Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking 278

Hacking Accountability Government Social Engineering 278

SecureList

MARCH 3, 2025

million attacks involving malware, adware or unwanted mobile software were prevented. Adware, the most common mobile threat, accounted for 35% of total detections. million malware, adware or unwanted software attacks targeting mobile devices. The SpyNote RAT was occasionally used as the malware dropper and NFC activator.

Mobile 117

Mobile Malware Adware Banking 117

Krebs on Security

NOVEMBER 1, 2024

” “That said, the phishing attacks stem from partners’ machines being compromised with malware, which has enabled them to also gain access to the partners’ accounts and to send the messages that your reader has flagged,” they continued. A scan of social media networks showed this is not an uncommon scam.

Phishing 260

Phishing Accountability Artificial Intelligence Cybercrime 260

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide.

Passwords 118

Passwords Accountability Authentication Malware 118

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of the FakeCall malware for Android that hijacks outgoing victims’ calls and redirects them to the attacker’s phone number.

Banking 129

Banking Malware Accountability Phishing 129

Krebs on Security

MARCH 14, 2025

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. This particular scam usually starts with a website popup that looks something like this: This malware attack pretends to be a CAPTCHA intended to separate humans from bots.

Phishing 264

Phishing Malware Scams Passwords 264

eSecurity Planet

OCTOBER 22, 2024

These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. You are then guided to execute PowerShell code designed to “fix” the supposed problem, unwittingly allowing malware to infiltrate their systems.

Scams 124

Scams Malware Phishing Social Engineering 124

Schneier on Security

MAY 26, 2022

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them.

Malware 312

Malware Government Accountability 312

The Last Watchdog

OCTOBER 10, 2024

SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by navigating the world’s largest repository of recaptured breach, malware, and phishing data.

Risk 286

Risk Cybercrime Identity Theft Phishing 286

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S. Image: USDOJ.

Malware 339

Malware Identity Theft Cybercrime Accountability 339

Security Affairs

JANUARY 20, 2025

Researchers linked the threat actor DoNot Teamto a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The group persistently employs similar techniques in their Android malware.”

Malware 113

Malware Cyber Attacks Mobile Phishing 113

Malwarebytes

JANUARY 9, 2025

Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates. million people.

Malware 124

Malware Small Business Artificial Intelligence VPN 124

Schneier on Security

DECEMBER 8, 2022

A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. The whole system of authentication rests on the assumption that signing keys are kept secret by the legitimate signers.

Malware 336

Malware Authentication Accountability 336

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 337

Phishing Cryptocurrency Accountability Social Engineering 337

Security Affairs

FEBRUARY 13, 2025

Valve removed a game from Steam because it contained malware, the company also warned affected users to reformat their operating systems. Valve removed the game PirateFi from the Steam video game platform because it contained a Windows malicious code to steal browser cookies and hijack accounts. Lazzzy.gen.” Lazzzy.gen.”

Malware 108

Malware Antivirus Accountability Software 108

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. The profile also linked to Mr. Lee’s Twitter/X account , which features the same profile image. Sure, Doug said, here’s my Calendly profile, book a time and we’ll do it then.

Malware 326

Malware Cryptocurrency Software Phishing 326

Krebs on Security

NOVEMBER 16, 2022

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. ” A fake PNC website overlay or “web inject” displaying a message intended to temporarily prevent the user from accessing their account.

Malware 329

Malware Banking Phishing DDOS 329

Troy Hunt

APRIL 26, 2021

Earlier this year, the FBI in partnership with the Dutch National High Technical Crimes Unit (NHTCU), German Federal Criminal Police Office (BKA) and other international law enforcement agencies brought down what Europol rereferred to as the world's most dangerous malware: Emotet. Change your email account password.

Malware 357

Malware Passwords Banking Password Management 357

Webroot

OCTOBER 31, 2024

In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. Now let’s take a look at this year’s Nastiest Malware. It is the most successful and lucrative avenue for monetizing a breach of a victim.

Malware 104

Malware Ransomware Passwords Healthcare 104

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 104

Malware Cybersecurity Cyber threats Threat Detection 104

Penetration Testing

NOVEMBER 25, 2024

Vietnam has become a hotspot for malicious operations targeting Facebook Business accounts, with threat actors leveraging infostealers like VietCredCare and DuckTail.

Accountability 85

Accountability Malware Cybersecurity 85

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re

Malware 315

Malware Cybercrime Internet Internet 315

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. MrMurza also told the admin that his account number at the now-defunct virtual currency Liberty Reserve was U1018928.

Malware 292

Malware Passwords Accountability Advertising 292

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. “Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims,” the DOJ wrote.

Phishing 251

Phishing Cybercrime Advertising Malware 251

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. account on Carder[.]su

Malware 301

Malware Cybercrime Software Accountability 301

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 271

Malware Antivirus Cybercrime Hacking 271

Security Affairs

MARCH 30, 2025

Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE.

Malware 69

Malware Authentication Cybersecurity Encryption 69

Krebs on Security

MAY 17, 2022

The consensus seems to be that the ZIP file currently harbors a malware threat known as Ramnit , a fairly common but dangerous trojan horse that spreads by appending itself to other files. He said Saicoo did not address his concern that the driver package on its website was bundled with malware. Image: Virustotal.com.

Malware 355

Malware Government Internet Internet 355

Malwarebytes

MARCH 26, 2025

Monitor your accounts. Check your accounts periodically for unexpected changes and notifications of suspicious login attempts. Use a different password for every online account. Choose a strong password that you dont use for anything else. Better yet, let a password manager choose one for you.

Phishing 112

Phishing Malware Passwords Password Management 112

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. Authorities discovered that over 1 200 servers in dozens of countries were running the malware. ESET released a free online scanner for Redline and META that can help users detect and remove malware.

Identity Theft 123

Identity Theft Passwords Malware Banking 123

Malwarebytes

JANUARY 3, 2025

The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. One of the main interests for the stealers seem to be Discord credentials which can be used to expand the network of compromised accounts.

Scams 141

Scams Identity Theft Media Accountability 141

eSecurity Planet

MARCH 14, 2025

A recent phishing campaign has raised alarms among cybersecurity professionals after it impersonated Booking.com to deliver a suite of credential-stealing malware. Heres what comes next: These emails lure victims with urgent requests, from resolving guest review issues to verifying account information.

Phishing 66

Phishing Malware Social Engineering Authentication 66

Schneier on Security

OCTOBER 30, 2024

Typically, I create the public and private keypair on my laptop and upload the public key to Amazon, which bakes my public key into the server’s administrator account. My laptop and that remove server are thus entangled, in that the only way to log into the server is using the key on my laptop.

Accountability 173

Accountability Risk Malware Hacking 173

Schneier on Security

MAY 20, 2021

Using these sneaky methods, trojan operators will implant the malware onto a target device, where it will install a sophisticated backdoor that “contains more than 100 commands and allows the attackers to steal online banking account credentials,” the researchers write. Research report.

Banking 363

Banking Malware Accountability 363

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy. ” continues the report.

Banking 119

Banking Malware Accountability Authentication 119

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. The email address used for those accounts was f.grimpe@gmail.com. lol and nulled[.]it.

eCommerce 202

eCommerce Cybercrime Accountability Passwords 202

Troy Hunt

FEBRUARY 25, 2025

By doing dumb stuff like this: “Around October I downloaded a pirated version of Adobe AE and after that a trojan got into my pc” pic.twitter.com/igEzOayCu6 — Troy Hunt (@troyhunt) August 5, 2024 So now this guy has malware running on his PC which is siphoning up all his credentials as they're entered into websites.

Passwords 343

Passwords Accountability VPN Malware 343