The Hacker News

APRIL 28, 2023

Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS) on Telegram for $1,000 per month, joining the likes of MacStealer.

Passwords 106

Passwords Malware Advertising 106

eSecurity Planet

NOVEMBER 29, 2022

Group-IB cybersecurity researchers recently identified several Russian-speaking cybercrime groups offering infostealing malware-as-a-service (MaaS), resulting in the theft of more than 50 million passwords thus far. Eight of the groups use Raccoon malware, 23 use Redline, and three use custom stealers. Aurora Malware.

Passwords 127

Passwords Cybercrime Malware Marketing 127

Security Affairs

JULY 15, 2022

Dragos researchers uncovered a small-scale campaign targeting industrial engineers and operators with Sality malware. During a routine vulnerability assessment, Dragos researchers discovered a campaign targeting industrial engineers and operators with Sality malware. “Dragos only tested the DirectLogic-targeting malware.

Passwords 128

Passwords Software Firmware Malware 128

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. The Raccoon v.

Malware 321

Malware Identity Theft Cybercrime Accountability 321

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware 273

Malware Cybercrime Software Accountability 273

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 242

Malware Antivirus Cybercrime Hacking 242

Krebs on Security

SEPTEMBER 1, 2021

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. Between 2003 and 2006, Corpse focused on selling and supporting his Haxdoor malware.

Malware 308

Malware Cybercrime Internet Internet 308

CSO Magazine

MAY 19, 2023

Cybercrime gang Lemon Group has managed to get malware known as Guerrilla preinstalled on about 8.9 The Guerilla malware can load additional payloads, intercept one-time passwords (OTPs) from SMS texts, set up a reverse proxy from the infected device, and infiltrate WhatsApp sessions.

Malware 119

Malware Cybercrime Advertising Mobile 119

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 210

Malware VPN Internet Internet 210

Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords.

Internet 109

Internet Internet Passwords Malware 109

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks , in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware.

Passwords 143

Passwords DNS Malware Advertising 143

Security Affairs

MARCH 27, 2023

A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems. Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems.

Cybercrime 98

Cybercrime Malware Passwords Advertising 98

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 122

Malware Antivirus Software Passwords 122

Webroot

OCTOBER 4, 2024

The most common form of cyberattack is malware , a type of software that’s used to break into your computer system. Last year alone, there were more than 6 billion malware attacks detected worldwide. Some of the many forms of malware include: Ransomware : Prevents you from accessing your files, devices or network unless you pay money.

Malware 79

Malware Backups Adware Ransomware 79

Security Affairs

AUGUST 10, 2023

Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, cookies, web data, and preferences. ” concludes the report.

Malware 98

Malware Encryption Advertising Cryptocurrency 98

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 208

Malware Advertising Marketing System Administration 208

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re Image: Spur.us.

Malware 288

Malware Cybercrime Internet Internet 288

The Hacker News

SEPTEMBER 16, 2022

Gamers looking for cheats on YouTube are being targeted with links to malicious password-protected archive files designed to install the RedLine Stealer malware and crypto miners on compromised machines.

Malware 96

Malware Advertising Passwords Hacking 96

Malwarebytes

MARCH 5, 2024

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. This mass adoption was good for Microsoft and its revenue, but it also drew and maintained the interests of cybercriminals, who would develop malware that could impact the highest number of victims. There pretty much always has been.

Malware 138

Malware Adware Ransomware Social Engineering 138

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware 114

Malware Passwords Encryption Advertising 114

Security Affairs

JULY 13, 2020

Malware authors are implementing the capability to check if their malicious code is running in the Any.Run malware analysis service. Vxers are implementing the capability to check if their malware is running in the Any.Run interactive online malware sandbox to prevent them from being analyzed by experts. ’ and exit.

Malware 124

Malware Advertising Passwords Hacking 124

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 349

Accountability Advertising Passwords Phishing 349

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware 144

Malware Advertising Cryptocurrency Accountability 144

Security Affairs

JULY 31, 2023

Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. The AVrecon malware was written in C to ensure portability and designed to target ARM-embedded devices. The popular investigator Brian Krebs and Spur.us “ SocksEscort[.]com

Malware 98

Malware Small Business Advertising Passwords 98

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware 144

Malware Advertising Passwords Cryptocurrency 144

Security Affairs

AUGUST 12, 2020

The experts first discovered the malware in June 2018, but it has been available since 2014, when they observed threat actors spreading it via a Microsoft Word document containing an auto-executable malicious VBA Macro. Recent samples of the malware include specific code to collect app configuration data and credentials from several apps.

Passwords 144

Passwords Spyware VPN Malware 144

Malwarebytes

JANUARY 30, 2023

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system. The first one leads to the legitimate domain 1password[.]com,

Password Management 63

Password Management Passwords Phishing Advertising 63

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware 143

Malware Encryption Advertising Passwords 143

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The Agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware. Enforce a strong password policy.

Malware 88

Malware Passwords Advertising Antivirus 88

Identity IQ

APRIL 29, 2021

What is Malware? . Malware is an umbrella term used to describe any malicious software designed to harm, exploit, or extract sensitive data from a system, device, or network. Stolen data can include anything from your payment details to your medical records, passwords, and more. Why do Cybercriminals Use Malware?

Malware 98

Malware Adware Spyware Advertising 98

Security Affairs

SEPTEMBER 27, 2021

Researchers spotted a new malware, dubbed BloodyStealer, that could allow stealing accounts for multiple gaming platforms. stealing a wide range of sensitive information, including cookies, passwords, bank cards, as well as sessions from various applications. ” reads the analysis published by Kaspersky.

Malware 98

Malware Banking Passwords Advertising 98

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. Each report includes a detailed “malware descriptions, suggested response actions, and recommended mitigation techniques.” the extension matches the file header).

Malware 140

Malware Passwords Advertising Antivirus 140

Bleeping Computer

JANUARY 24, 2023

A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords, and ultimately breach networks for ransomware attacks. [.]

Ransomware 135

Ransomware Advertising Passwords Malware 135

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. The malware can be used to download other malicious payloads, including malware or adware. up to 10.14.3.

Engineering 145

Engineering Malware Adware Antivirus 145

Security Affairs

AUGUST 11, 2020

A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability ( CVE 2020-13699 ), that could be exploited by remote attackers to steal system password and potentially compromise it.

Passwords 145

Passwords Authentication Advertising Software 145

Security Affairs

MARCH 13, 2020

. “We recently discovered a new strain of Android malware. “Malware could steal cookie files of any website from other apps in the same way and achieve similar results.” bood, it launches a local server and executes the command that the passed by the Cookiethief malware. SecurityAffairs – malware, Android).

Accountability 144

Accountability Malware Advertising Media 144

Security Affairs

AUGUST 4, 2020

China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware. “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1 “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1

Malware 128

Malware Government Passwords Advertising 128