Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. Image: spur.us.

Malware 281

Malware Passwords Accountability Advertising 281

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 219

Malware Advertising Marketing System Administration 219

Tech Republic Security

NOVEMBER 22, 2023

Atomic Stealer malware advertises itself through ClearFake browser updates disguised as Google's Chrome and Apple’s Safari.

Malware 200

Malware Advertising Cybersecurity 200

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re Image: Spur.us.

Malware 304

Malware Cybercrime Internet Internet 304

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware 290

Malware Cybercrime Software Accountability 290

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 261

Malware Antivirus Cybercrime Hacking 261

Krebs on Security

APRIL 19, 2019

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.

Banking 212

Banking Malware Advertising Government 212

The Hacker News

FEBRUARY 21, 2024

Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022.

Advertising 126

Advertising Accountability Malware 126

Adam Levin

FEBRUARY 8, 2021

An Android app with over 10 million installations spread malware to its users in a recent update. A December 2020 update infected users with a Trojan-style malware that bombards users with unwanted advertising. may also allow a bad player to place invasive data tracking on your device as well as annoying advertising.

Mobile 303

Mobile Advertising Malware Risk 303

Schneier on Security

APRIL 2, 2021

News article : Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” ” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.)

Software 232

Software Malware Advertising Antivirus 232

Schneier on Security

FEBRUARY 16, 2021

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. Users began noticing something weird going on with their phones: their default browsers kept getting hijacked and redirected to random advertisements, seemingly out of nowhere. The app is called Barcode Scanner.

Advertising 316

Advertising Malware 316

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 347

Accountability Advertising Passwords Phishing 347

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 231

Malware VPN Internet Internet 231

Bleeping Computer

JULY 15, 2024

Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. [.]

Malware 138

Malware Advertising Passwords 138

Krebs on Security

JANUARY 25, 2024

But cybercrooks are constantly figuring out ingenious ways to fly beneath Google’s anti-abuse radar, and new examples of bad ads leading to malware are still too common. My guess it’s still continuing because of the up-and-down [of the] domains hosting malware and then looking legitimate.” million advertiser accounts.

Software 307

Software Advertising Malware Accountability 307

Bleeping Computer

SEPTEMBER 28, 2023

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.

Malware 133

Malware Advertising 133

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing 297

Manufacturing Spyware Surveillance Marketing 297

Krebs on Security

NOVEMBER 28, 2022

But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan , malware designed to surreptitiously intercept and forward text messages from Android mobile devices. ” wherein Shmakov acknowledged writing the malware as a freelance project.

Mobile 278

Mobile Malware Technology Government 278

Krebs on Security

NOVEMBER 17, 2020

This is evident by the apparent scale of the infrastructure behind a relatively new company based in Montenegro called PushWelcome , which advertises the ability for site owners to monetize traffic from their visitors. An ad from PushWelcome touting the money that websites can make for embedding their dodgy push notifications scripts.

Antivirus 357

Antivirus Advertising Internet Internet 357

Bleeping Computer

APRIL 5, 2024

Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware. [.]

Artificial Intelligence 129

Artificial Intelligence Malware Advertising Passwords 129

Krebs on Security

JUNE 22, 2022

” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.

Advertising 309

Advertising Cybercrime System Administration Hacking 309

The Hacker News

MARCH 6, 2024

Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023.

Malware 142

Malware Advertising Software 142

Security Affairs

AUGUST 16, 2024

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. ” concludes the report. ” concludes the report.

Malware 130

Malware Cryptocurrency Advertising Architecture 130

The Hacker News

OCTOBER 1, 2023

Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground.

Cybercrime 142

Cybercrime Malware Advertising Cybersecurity 142

The Hacker News

NOVEMBER 17, 2023

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. The malicious advertisement directs the user to a compromised WordPress website gameeweb[.]com, com, which redirects the

Malware 138

Malware Advertising Software Cybersecurity 138

SecureList

JUNE 15, 2023

Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community. A MaaS operator is typically a team consisting of several people with distinct roles.

Malware 144

Malware Ransomware Cybercrime Hacking 144

Bleeping Computer

FEBRUARY 7, 2024

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.]

Passwords 125

Passwords Malware Cryptocurrency Advertising 125

Krebs on Security

OCTOBER 8, 2020

Each day, millions of malware-laced emails are blasted out containing booby-trapped attachments. From there, the infected system will report home to a malware control server operated by the spammers who sent the missive. ” WHO IS DR. SAMUIL? The domain registration records for ruskod[.]net

Cybercrime 345

Cybercrime VPN Malware Ransomware 345

Penetration Testing

AUGUST 6, 2024

The hacker group APT28 recently launched a new campaign to distribute the HeadLace malware through a fake car sale advertisement. This tactic is... The post Fake Car Ads Conceal APT28’s HeadLace Malware Attack appeared first on Cybersecurity News.

Malware 112

Malware Advertising Cybersecurity 112

Security Affairs

AUGUST 23, 2024

Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. Once the user inputs their credentials, the malware stores them in a directory and uses Chainbreak to dump Keychain passwords. ” The malware can steal various types of information from a broad array of sources.

Malware 130

Malware Passwords Cryptocurrency Software 130

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. ” Manipulaters advertisement for Office 365 Private Page with Antibot phishing kit sold via Heartsender.

Phishing 239

Phishing Cybercrime Advertising Malware 239

Security Affairs

AUGUST 28, 2024

million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. million reward for information leading to the arrest of Volodymyr Kadariya (38), a Belarusian national allegedly involved in a significant malware organization. The US Department of State offers a $2.5

Malware 131

Malware Computers and Electronics Cybercrime Internet 131

eSecurity Planet

OCTOBER 4, 2022

Malicious programs or malware are common and dangerous threats in the digital space for both individual users and organizations alike. German IT-Security Institute AV-TEST has recorded over 1 billion malicious programs as of this writing, with over 450,000 new instances of malware being recorded every day. Malvertising.

Malware 126

Malware Phishing Ransomware Mobile 126

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 233

Advertising Antivirus Software Malware 233

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. At that time, RSOCKS was advertising more than 80,000 proxies. RSOCKS, circa 2016.

Cybercrime 264

Cybercrime Advertising IoT Malware 264

SecureList

FEBRUARY 27, 2023

Kaspersky mobile cyberthreat detection dynamics in 2020–2022 ( download ) Cybercriminals continued to use legitimate channels to spread malware. The spread of malware through Google Play continued as well. Harly malware programs were downloaded a total of 2.6 These secretly signed users up for paid services. percentage points.

Mobile 143

Mobile Malware Adware Banking 143

Bleeping Computer

OCTOBER 2, 2023

Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. [.]

Malware 118

Malware Advertising 118