Security Affairs

JANUARY 7, 2021

Both exchanges are structured in a way that probably wouldn’t obligate them to comply with law enforcement requests and both were founded by Chinese nationals that moved their business to countries that are more friendly to cryptocurrency exchanges. A legal authority can request identity details for the individuals receiving the payments.”

Ransomware 145

Ransomware Cryptocurrency Antivirus Banking 145

eSecurity Planet

FEBRUARY 17, 2025

Simply put, they are antivirus solutions. In fact, it is one of the most popular antivirus solutions. Per 6sense, McAfee Cloud Security makes up 12.47% of the worldwide antivirus market share. 5 McAfee Total Protection is a set of five consumer security plans, including antivirus, web protection, and safety scores.

Antivirus 67

Antivirus Identity Theft VPN Spyware 67

Security Affairs

FEBRUARY 22, 2021

APOMacroSploit is a macro builder that was to create weaponized Excel documents used in multiple phishing attacks. Excel documents created with the APOMacroSploit builder are capable of bypassing antivirus software, Windows Antimalware Scan Interface (AMSI), and even Gmail and other email-based phishing detection.

Malware 143

Malware Antivirus Phishing Cryptocurrency 143

Krebs on Security

MARCH 22, 2022

But according to information obtained by KrebsOnSecurity, it is equally likely Vrublevsky was arrested thanks to his propensity for carefully documenting the links between Russia’s state security services and the cybercriminal underground. The latest document in the hacked archive is dated April 2021.

Banking 235

Banking Marketing DDOS Risk 235

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. “According to court documents and evidence introduced at trial, Oleg Koshkin, 41, formerly of Estonia, operated the websites “Crypt4U.com,” “fud.bz” and others.”

Antivirus 111

Antivirus Malware Software Cryptocurrency 111

SecureList

DECEMBER 27, 2022

We have published technical details of how this notorious group steals cryptocurrency before. The group usually takes advantage of Word documents and uses shortcut files for the initial intrusion. Based on our telemetry, we observed that one victim in the UAE was attacked using a malicious Word document. Remote URL: [link].

Malware 145

Malware Banking Passwords Antivirus 145

SecureList

APRIL 23, 2025

LPEClient LPEClient is a tool known for victim profiling and payload delivery ( T1105 ) that has previously been observed in attacks on defense contractors and the cryptocurrency industry. We disclosed that this tool had been loaded by SIGNBT when we first documented SIGNBT malware. It was only loaded by the variant of ThreatNeedle.

Malware 144

Malware Software Encryption Internet 144

Security Affairs

APRIL 14, 2019

The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. “According to testimony at trial and court documents, Nicolescu, Miclaus, and a co-conspirator who pleaded guilty, collectively operated a criminal conspiracy from Bucharest, Romania.”

Cryptocurrency 111

Cryptocurrency Identity Theft Advertising Accountability 111

Krebs on Security

MAY 13, 2024

A search at the breach-tracking service Constella Intelligence on the phone number in Tkaner’s registration records — 7.9521020220 — brings up multiple official Russian government documents listing the number’s owner as Dmitri Yurievich Khoroshev. Another domain registered to that phone number was stairwell[.]ru

Ransomware 299

Ransomware Cybercrime Accountability Malware 299

Digital Shadows

JUNE 7, 2021

It’s been a pretty big year so far for cryptocurrency. Cryptocurrencies’ current total market cap sits just above $1.7 The cryptocurrency exchange Coinbase recently launched an IPO, India has reversed a ban on cryptocurrencies, and ransomware groups continue to demand payment in anonymity-based cryptocurrency.

Cryptocurrency 52

Cryptocurrency Phishing Advertising Antivirus 52

CyberSecurity Insiders

JUNE 27, 2023

If you don’t have a backup, you may lose important files, personal photos, or sensitive documents forever. 2. Financial Loss: Attackers often demand payment in cryptocurrencies, making it difficult to trace and retrieve the funds. 2. Exercise Caution: Be mindful of the apps you download and the websites you visit.

Ransomware 107

Ransomware Antivirus Backups Encryption 107

Security Affairs

JULY 19, 2019

” Both macro builders allow crooks to easily create malicious Office documents that are usually involved in hacking campaigns as a first-stage loader for other malware. According to Flashpoint , Rubella is not particularly sophisticated, the builder is used to create Microsoft Word or Excel weaponized documents to use in spam email.

Malware 98

Malware Social Engineering Advertising Antivirus 98

The Last Watchdog

SEPTEMBER 28, 2022

According to a new study, phishing attacks rose 61 percent in 2022, with cryptocurrency fraud increasing 257 percent year-over-year. To prevent malicious scams, companies should do the following: •Install high-quality antivirus software and spam filters. Encrypt all sensitive information and documentation.

Phishing 124

Phishing Scams Cybercrime Passwords 124

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. More than 80% of all malicious files were disguised as .zip

Ransomware 98

Ransomware Antivirus Malware Banking 98

Centraleyes

NOVEMBER 7, 2024

But instead of legal documents, victims are met with a decoy and a hidden malware file. Rhadamanthys packs advanced features, including optical character recognition (OCR) that can read text from images and PDFs, suggesting an interest in swiping credentials—especially cryptocurrency wallets.

Phishing 52

Phishing Antivirus Malware Cryptocurrency 52

Security Affairs

MARCH 29, 2023

The experts were not able to determine the amount of Monero cryptocurrencies stolen by the threat actors due to the privacy features supported by the cryptocurrency scheme. “A mistake likely made by all victims of this malware was to download and run Tor Browser from a third-party resource. .

Malware 98

Malware Passwords Cryptocurrency Antivirus 98

Malwarebytes

JULY 30, 2021

It’s one of a few documented bot families that targets Linux systems as well as Windows devices. Trojan.LemonDuck uses several methods for the initial infection and to propagate across networks: Malspam: the email typically contains two files: a Word document exploiting CVE-2017-8570 and a zip archive with a malicious JavaScript.

Malware 116

Malware Penetration Testing Passwords Antivirus 116

Security Affairs

MARCH 13, 2021

The malware also allows attackers to capture screenshots and exfiltrate stolen documents to the attackers’ server. This behavior allows the malicious code to replace cryptocurrency addresses, and steal credentials for online services (amoCRM, Apple ID, Google, Paypal, SIPMarket, and Yandex) and payment card information from the Apple Store.

Malware 118

Malware Adware Architecture Antivirus 118

Security Affairs

JULY 30, 2018

The messages used employment-related subjects such as “About a role” and “Job Application,” while the malicious attached documents used file names in the format of “firstname.surname_resume.doc”. Also there is a rule “If there is data from cryptocurrency wallets” or “for all” [+] Stealer can now use system proxies.

Spyware 72

Spyware Cryptocurrency Passwords Malware 72

SecureWorld News

AUGUST 8, 2022

It has been sold on underground hacker forums for stealing browser data, user credentials, and cryptocurrency information. LokiBot LokiBot is a Trojan malware for stealing sensitive information, including user credentials, cryptocurrency wallets, and other credentials. AZORult's developers are constantly updating its capabilities.

Malware 98

Malware Banking Penetration Testing Healthcare 98

Security Affairs

AUGUST 27, 2020

Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. After selecting a sample of 50,000 open printers and creating a custom printing script, we managed to print out PDF documents on 27,944 unprotected devices. Not so much.

Hacking 145

Hacking IoT Firmware Internet 145

SecureList

DECEMBER 14, 2020

Detecting an exploit or trojan that explicitly runs on a device is not a problem for an antivirus solution. For example, when a phishing email document is opened in Microsoft Office, all actions will be performed by the office application. Fin7 document with DDE execution. Legitimate software can hide risks. gov/fonts.txt')).

Technology 89

Technology Malware Antivirus Software 89

Security Affairs

AUGUST 19, 2019

You are asked in the email to confirm some company details or review a document by clicking on a specific link which further requires you to log in with your official account. Another successful strategy for preventing phishing is to secure your device using anti-malware, antivirus, VPN and other security softwares.

Phishing 111

Phishing Accountability Authentication Passwords 111

SecureList

NOVEMBER 18, 2022

All of them were ordinary people using our free antivirus solution, seemingly unconnected with any organization of interest to a sophisticated attacker of this kind. Later that year, we documented the PowerPepper campaign. When the fetched document is opened, it connects to the second C2 server.

Malware 122

Malware Computers and Electronics Adware Cryptocurrency 122

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. During that time, it had effectively evaded analysis and had previously been misclassified as a cryptocurrency miner.

Malware 145

Malware DNS Encryption Ransomware 145

eSecurity Planet

FEBRUARY 16, 2021

For access to the decryption key, the victim must make prompt payment, often in cryptocurrency shielding the attacker’s identity. Attackers can fool even sophisticated users into clicking on an invoice they are expecting, or a photograph that is ostensibly from someone they know, or a document that appears to have come from their boss.

Ransomware 97

Ransomware Backups Software Encryption 97

SecureList

DECEMBER 1, 2023

The attackers use the reverse shell to deploy a Bash stealer that collects data such as system information, browsing history, saved passwords, cryptocurrency wallet files and credentials for cloud services (AWS, Google Cloud, Oracle Cloud Infrastructure, Azure). An Excel document was attached to the message.

Malware 138

Malware Ransomware Encryption Energy and Utilities 138

Security Boulevard

MARCH 31, 2022

RedLine is a malware service available for purchase on underground forums that specifically targets the theft of sensitive information: passwords, credit cards, execution environment data, computer name, installed software, and more recently, cryptocurrency wallets and related files.

Cybersecurity 98

Cybersecurity Social Engineering Passwords Malware 98

SecureList

SEPTEMBER 6, 2022

Once executed on the attacked system, RedLine Stealer collects system information, including device user names, the operating system type, and information about the hardware, installed browsers, and antivirus solutions. Once a miner file is launched on an affected computer, it starts using the machine’s energy to mine cryptocurrency.

Mobile 133

Mobile Passwords Software Accountability 133

Elie

MAY 30, 2018

Adversarial inputs include malicious documents designed to evade antivirus, and emails attempting to evade spam filters. A very recent example of such behavior is the rise of abusing cloud services such as Google Cloud to mine cryptocurrencies in response to the surge of bitcoin price late 2017. Data poisoning attacks.

Accountability 107

Accountability Artificial Intelligence Engineering Retail 107

Digital Shadows

NOVEMBER 26, 2024

Attackers exploiting cloud accounts pose significant risks, targeting virtual machines (VMs) for activities like cryptocurrency mining, leading to unexpected costs for organizations. Additionally, securing internal documents with encrypted storage and using safe file-sharing platforms is crucial, especially when sharing externally.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Elie

MAY 30, 2018

Adversarial inputs include malicious documents designed to evade antivirus, and emails attempting to evade spam filters. A very recent example of such behavior is the rise of abusing cloud services such as Google Cloud to mine cryptocurrencies in response to the surge of bitcoin price late 2017. Data poisoning attacks.

Accountability 91

Accountability Artificial Intelligence Engineering Retail 91

Digital Shadows

OCTOBER 29, 2024

To complicate detection, they clear system logs, disable antivirus software using Windows Management Instrumentation (WMI), and shut down endpoint detection and response (EDR) systems with proprietary tools. Today, many hacktivist groups are moving from defacing websites and leaking documents to more lucrative tactics like ransomware.

Ransomware 88

Ransomware Encryption Technology Malware 88

Spinone

JANUARY 28, 2020

We recommend using the Kaspersky free removal tool in case your antivirus program can’t detect or delete a screen locker. The payment is always in Bitcoin or another digital cryptocurrency that is hard/impossible to track. It suits Windows users. This is why this type of ransomware is considered a high-risk type.

Ransomware 52

Ransomware Backups Encryption Malware 52

SecureList

MAY 31, 2021

For now, we can tentatively assume that the growth in cryptocurrency prices, in particular bitcoin, has attracted the attention of cybercriminals and returned miners to their toolkit. Number of unique users attacked by miners, Q1 2021 ( download ).

Mobile 115

Mobile Adware Ransomware Malware 115

eSecurity Planet

DECEMBER 7, 2023

ECC is used for email encryption, cryptocurrency digital signatures, and internet communication protocols. Better antivirus (AV), endpoint detection and response (EDR), and extended detection and response (XDR) solutions can detect and block some attacks.

Encryption 113

Encryption Passwords IoT Firewall 113

Spinone

JANUARY 22, 2020

When the user opens this document, they see a gibberish they can’t read. How Locky works When activated, the malware loads in the system and encrypts documents as hash.locky files and encrypts network files if the user has access to them. Payment is conducted in Dash cryptocurrency which is highly focused on privacy.

Ransomware 64

Ransomware Encryption Backups Phishing 64