Accountability, Malware and Media - Cyber Security Informer

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

” “That said, the phishing attacks stem from partners’ machines being compromised with malware, which has enabled them to also gain access to the partners’ accounts and to send the messages that your reader has flagged,” they continued. A scan of social media networks showed this is not an uncommon scam.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. “And I just am not seeing anything this egregious in terms of viruses and spams from the other email service providers.”

Accountability

Accountability Hacking Authentication Marketing

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus

Antivirus Malware Cybercrime Identity Theft

Zoom attack tricks victims into allowing remote access to install malware and steal money

Malwarebytes

APRIL 24, 2025

ELUSIVE COMET targets its victims by luring them into a Zoom video call and then taking over their PC to install malware, infiltrate their accounts, and steal their assets. The group typically approaches victims with a supposed media opportunity to get them interested, and then sets up an introductory Zoom call.

Malware

Malware Media Accountability Cryptocurrency

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. “Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims,” the DOJ wrote.

Phishing

Phishing Cybercrime Advertising Malware

“Can you try a game I made?” Fake game sites lead to information stealers

Malwarebytes

JANUARY 3, 2025

The archives are offered for download on various locations like Dropbox, Catbox, and often on the Discord content delivery network (CDN), by using compromised accounts which add extra credibility. One of the main interests for the stealers seem to be Discord credentials which can be used to expand the network of compromised accounts.

Scams

Scams Identity Theft Media Accountability

New FFDroider Malware Is Targeting Social Media Platform Users

Heimadal Security

APRIL 7, 2022

FFDroider, a recently discovered information stealer malware, steals credentials and cookies saved in web browsers in order to hijack targets’ Facebook, Instagram, and Twitter accounts. These verified accounts become […]. These verified accounts become […].

Media

Media Malware Cryptocurrency Accountability

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. as a media sharing device on a local network that was somehow exposed to the Internet. Image: spur.us.

Malware

Malware Passwords Accountability Advertising

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency.

Scams

Scams Media Cryptocurrency Cybercrime

Credential-stealing malware disguises itself as Telegram, targets social media users

Malwarebytes

APRIL 11, 2022

A credential-stealing Windows-based malware, Spyware.FFDroider , is after social media credentials and cookies, according to researchers at ThreatLabz. The malware also plans to steal saved VPN/dial up credentials from the AppdataMicrosoftNetworkConnectionsPbkrasphone.pbk and Pbkrasphone.pbk phonebooks if present. Social media.

Media

Media Malware Spyware Accountability

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. Authorities discovered that over 1 200 servers in dozens of countries were running the malware. ESET released a free online scanner for Redline and META that can help users detect and remove malware.

Identity Theft

Identity Theft Passwords Malware Banking

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Malwarebytes

MARCH 26, 2025

Our free Digital Footprint scan searches the dark web, social media, and other online sources, to tell you where your data has been exposed. Monitor your accounts. Check your accounts periodically for unexpected changes and notifications of suspicious login attempts. Use a different password for every online account.

Phishing

Phishing Malware Passwords Password Management

Americans urged to use encrypted messaging after large, ongoing cyberattack

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Encryption

Encryption Identity Theft Media Telecommunications

Iran and China-linked actors used ChatGPT for preparing attacks

Security Affairs

OCTOBER 11, 2024

“CyberAv3nger accounts also asked our models high-level questions about how to obfuscate malicious code, how to use various security tools often associated with post-compromise activity, and for information on both recently disclosed and older vulnerabilities from a range of products.” ” reads the OpenAI’s report.

Malware

Malware Social Engineering Engineering Hacking

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime

Cybercrime Social Engineering Accountability Government

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

And yet, if artificial intelligence achieves what is called an agentic model in 2025, novel and boundless attacks could be within reach, as AI tools take on the roles of agents that independently discover vulnerabilities, steal logins, and pry into accounts. You can find the full 2025 State of Malware report here.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

Deepfakes are media content—such as videos, images, or audio—created using GAI to realistically manipulate faces, voices, or even entire events. For example, these campaigns leverage fake social media accounts to post questions and comments about divisive internal issues in the U.S.

Artificial Intelligence

Artificial Intelligence Phishing Media Cyber threats

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

Identity security vendors have focused narrowly on securing corporate accounts, leaving organizations vulnerable to cybercriminals exploiting the broader identity exposures of employees, consumers, and suppliers. A shift to an identity-centric perspective is needed, particularly as the scope of identity exposures continues to grow. .

Cybercrime

Cybercrime Accountability Phishing Malware

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Krebs on Security

APRIL 19, 2019

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices. It remains unclear when he will be sentenced.

Banking

Banking Malware Advertising Government

Phishing evolves beyond email to become latest Android app threat

Malwarebytes

FEBRUARY 11, 2025

In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. With vigilance, safe behavior, and some extra support, you can avoid Android phishing apps and protect your accounts from cybercriminals. The lure that convinces people to download these apps varies.

Phishing

Phishing Passwords Mobile Authentication

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. The ransomware gang claims to have stolen sensitive data including accounting info and contracts. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware

Ransomware Hacking Accountability Cyber Attacks

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking

Banking Accountability Malware Mobile

Ransomware Group Turns to Facebook Ads

Krebs on Security

NOVEMBER 10, 2020

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. 3 that its computer systems had been sidelined by a malware attack. The Facebook ad blitz was paid for by Hodson Event Entertainment , an account tied to Chris Hodson , a deejay based in Chicago.

Ransomware

Ransomware Accountability Hacking Advertising

No need to RSVP: a closer look at the Tria stealer campaign

SecureList

JANUARY 30, 2025

Our investigation suggests that this campaign is likely operated by an Indonesian-speaking threat actor, as we found artifacts written in the Indonesian language, namely several unique strings embedded in the malware and the naming pattern of the Telegram bots that are used for hosting C2 servers. Contact me at ‘[link].

Accountability

Accountability Malware Banking Phishing

Patch Tuesday, April 2025 Edition

Krebs on Security

APRIL 8, 2025

Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users. The zero-day flaw already seeing exploitation is CVE-2025-29824 , a local elevation of privilege bug in the Windows Common Log File System (CLFS) driver.

Software

Software Media Internet Internet

The 3 biggest cybersecurity threats to small businesses

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. Lured in by similar color schemes, company logos, and familiar layouts, victims log in to their account by entering their username and password.

Small Business

Small Business Cybersecurity Passwords Scams

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

JANUARY 28, 2022

One concern about more malware shifting to Rust is that it is considered a much more secure programming language compared to C and C++, writes Catalin Cimpanu for The Record. ” YBCat mostly sold “installs,” offering paying customers to ability to load malware of their choice on thousands of hacked computers simultaneously.

Ransomware

Ransomware Accountability Cybercrime Malware

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

Attack methodology: a step-by-step breakdown The Elusive Comet campaign begins with cybercriminals impersonating venture capitalists, media representatives, or business partners to lure cryptocurrency professionals into Zoom meetings.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware

Malware Software Passwords Cryptocurrency

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware

Malware Software Technology Accountability

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Krebs on Security

NOVEMBER 28, 2022

But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan , malware designed to surreptitiously intercept and forward text messages from Android mobile devices. But Reuters found that while Pushwoosh’s social media and U.S.

Mobile

Mobile Malware Technology Government

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

Common attacks to consumer protection Identity theft and fraud Some common types of identity theft and fraud include account takeover fraud , when criminals use stolen personal information such as account numbers, usernames, or passwords to hijack bank accounts, credit cards, and even email and social media accounts.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite).

Spyware

Spyware Hacking Surveillance Malware

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts. Some of these clusters specifically target Axentra media servers, Ruckus wireless routers and Zyxel VPN appliances. These routers are used to relay brute-force attacks on Microsoft 365 accounts.

Passwords

Passwords Wireless VPN Accountability

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

The Last Watchdog

MARCH 19, 2025

Holistic Identity: The New Cyber Battleground Organizations have traditionally focused on securing individual account credentials, but SpyClouds research indicates that cybercriminals have expanded their tactics beyond conventional account takeover. ” Additional Report Findings: 17.3 ” Additional Report Findings: 17.3

Cyber Risk

Cyber Risk Risk Phishing Cybercrime

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. ” Once inside of a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell.

Antivirus

Antivirus Hacking Software Government

DUCKTAIL operation targets Facebook’s Business and Ad accounts

Security Affairs

JULY 27, 2022

Researchers uncovered an ongoing operation, codenamed DUCKTAIL that targets Facebook Business and Ad Accounts. “Our investigation reveals that the threat actor has been actively developing and distributing malware linked to the DUCKTAIL operation since the latter half of 2021. . ” reads the report published by the experts.

Accountability

Accountability Malware Media Marketing

How to Avoid Being Scammed When Giving Charity

Joseph Steinberg

NOVEMBER 30, 2021

Initiate contact with a charity via its website/listed phone number/physical address/official social media accounts; never send payment details to anyone who initiates contact with you and claims to represent a charity. Also, keep in mind that image links could point to malware-spreading sites. Use credit cards for donations.

Scams

Scams Artificial Intelligence Media Cryptocurrency

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

The Hacker News

SEPTEMBER 4, 2023

Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware.

Accountability

Accountability Scams Cybercrime Advertising

How to secure your Twitter Account from Hacking

Hacker's King

JANUARY 1, 2025

In today's world, social media platforms like Twitter have become a huge part of our lives as we keep them updated about ourselves. We use Twitter, which can be defined as a famous social media platform and microblogging service that we use to share small messagestweetsto keep everyone updated. Be cautious with public Wi-Fi.

Accountability

Accountability Hacking Passwords Scams

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

IT threat evolution in Q3 2024. Non-mobile statistics

SecureList

NOVEMBER 29, 2024

The third quarter’s most prolific ransomware gang was RansomHub, which accounted for 17.75% of all victims. Kaspersky solutions worldwide detected this type of malware on 297,485 unique user devices. This malware also possessed the capability to install a backdoor on compromised systems. 2 Tajikistan 1.63 4 Ethiopia 1.30

Mobile

Mobile Adware Ransomware Malware

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Pick either 1Password or LastPass , go through all your accounts, and for each one…reset the password to something created by (and stored in) your password manager. Automatic Logins Using Lastpass.

Risk

Risk Passwords Password Management Accountability

Booking.com Phishers May Leave You With Reservations

Sendgrid Under Siege from Hacked Accounts

Webinars

Trending Sources

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Webinars

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

Zoom attack tricks victims into allowing remote access to install malware and steal money

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

“Can you try a game I made?” Fake game sites lead to information stealers

New FFDroider Malware Is Targeting Social Media Platform Users

Giving a Face to the Malware Proxy Service ‘Faceless’

Crazy Evil gang runs over 10 highly specialized social media scams

Credential-stealing malware disguises itself as Telegram, targets social media users

International law enforcement operation dismantled RedLine and Meta infostealers

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Americans urged to use encrypted messaging after large, ongoing cyberattack

Iran and China-linked actors used ChatGPT for preparing attacks

EDR-as-a-Service makes the headlines in the cybercrime landscape

New AI “agents” could hold people for ransom in 2025

How threat actors can use generative artificial intelligence?

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Phishing evolves beyond email to become latest Android app threat

8Base ransomware group hacked Croatia’s Port of Rijeka

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Ransomware Group Turns to Facebook Ads

No need to RSVP: a closer look at the Tria stealer campaign

Patch Tuesday, April 2025 Edition

The 3 biggest cybersecurity threats to small businesses

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

Macs targeted by info stealers in new era of cyberthreats

3CX Breach Was a Double Supply Chain Compromise

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Chinese threat actors use Quad7 botnet in password-spray attacks

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

DUCKTAIL operation targets Facebook’s Business and Ad accounts

How to Avoid Being Scammed When Giving Charity

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

How to secure your Twitter Account from Hacking

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

IT threat evolution in Q3 2024. Non-mobile statistics

10 Behaviors That Will Reduce Your Risk Online

Stay Connected