Schneier on Security

MAY 14, 2020

The first of the new malware variants, COPPERHEDGE , is described as a Remote Access Tool (RAT) "used by advanced persistent threat (APT) cyber actors in the targeting of cryptocurrency exchanges and related entities." It's interesting to see the US government take a more aggressive stance on foreign malware.

Government 273

Government Malware Antivirus Cryptocurrency 273

Security Affairs

JANUARY 10, 2025

The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Banshee Stealer)

Malware 119

Malware Advertising Antivirus Cybercrime 119

Security Affairs

DECEMBER 22, 2024

Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024. He developed the code to disable antivirus software, deploy malware, and print ransom notes to all printers connected to a victim network.

Ransomware 118

Ransomware Small Business Antivirus Malware 118

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 130

Antivirus Malware DNS Cryptocurrency 130

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware 327

Malware Cryptocurrency Software Phishing 327

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency 115

Cryptocurrency Malware Advertising System Administration 115

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . Researchers from Avast have spotted a strain of cryptocurrency miner, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. SecurityAffairs – hacking, Crackonosh).

Antivirus 143

Antivirus Cryptocurrency Malware Software 143

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. Penchukov was arrested after leaving Ukraine to meet up with his wife in Switzerland.

Cryptocurrency 293

Cryptocurrency Cybercrime Computers and Electronics Scams 293

Security Affairs

MARCH 28, 2019

The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. In 2018, the Lazarus APT group targeted several cryptocurrency exchanges , including the campaign tracked as Operation AppleJeus discovered in August 2018. ” Kaspersky says. .

Cryptocurrency 111

Cryptocurrency Malware Advertising Antivirus 111

Security Affairs

APRIL 19, 2021

Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018.

Cryptocurrency 145

Cryptocurrency Hacking Malware Banking 145

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The fake websites were masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes. exe.zip), malwarebytes.pro (MBSetup.rar). bitdefender-app[.]com malwarebytes[.]pro

Malware 136

Malware Antivirus Cryptocurrency Hacking 136

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. The title of the accessed web-pages are collected and compared with the target organizations and services hardcoded and defined by crooks, generally the name of the banking portals, cryptocurrency portals, and financial firms.

Antivirus 132

Antivirus Malware Banking Internet 132

SecureWorld News

JUNE 16, 2021

When it comes to hacking and cybercrime, sometimes all the focus is on the one who launches the attack. DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. One of those threat actors was just convicted in a United States courtroom.

Antivirus 73

Antivirus Malware Software Ransomware 73

Security Affairs

NOVEMBER 26, 2021

Morphisec researchers spread cryptocurrency malware dubbed Babadeda in attacks aimed at crypto and NFT communities. Morphisec researchers spotted a new crypto-malware strain, tracked as Babadeda, targeting cryptocurrency, non-fungible token (NFT), and DeFi passionates through Discord channels. SecurityAffairs – hacking, babadeda).

Cryptocurrency 143

Cryptocurrency Malware Antivirus Phishing 143

Security Affairs

MARCH 14, 2025

Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024. He developed the code to disable antivirus software, deploy malware, and print ransom notes to all printers connected to a victim network. A $10 million reward was offered for information on Khoroshev through the U.S. Matveev has a $10M U.S.

Ransomware 63

Ransomware Cryptocurrency Small Business Malware 63

Security Affairs

AUGUST 27, 2020

Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Or they can simply use these printers to mine cryptocurrency, ramping up their victims’ electricity bills in the process. SecurityAffairs – hacking, printers).

Hacking 145

Hacking IoT Firmware Internet 145

Security Affairs

SEPTEMBER 2, 2020

The malware has been active since at least December 2018, it targets cryptocurrency users as a triple threat. The malware uses the victim’s resource to mine cryptocurrency, steals cryptocurrency wallet-related files, and replaces wallet addresses in the clipboard to hijack cryptocurrency payments.

Cryptocurrency 142

Cryptocurrency Antivirus Malware Advertising 142

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Cybercriminals are interested in hacking your IP address for various reasons. The hacked and stolen IPs are often used for carrying out illegal activities.

Hacking 111

Hacking VPN Internet Internet 111

Security Boulevard

MAY 10, 2024

Recently, a wave of malware attacks has surfaced, exploiting vulnerabilities in the update mechanism of the eScan antivirus software. This eScan antivirus backdoor exploit distributes backdoors and cryptocurrency miners, such as XMRig, posing a significant threat to large corporate networks.

Antivirus 52

Antivirus Cryptocurrency Software Malware 52

Security Affairs

JANUARY 7, 2021

Both exchanges are structured in a way that probably wouldn’t obligate them to comply with law enforcement requests and both were founded by Chinese nationals that moved their business to countries that are more friendly to cryptocurrency exchanges. SecurityAffairs – hacking, Ryuk ransomware). ” concludes the report.

Ransomware 145

Ransomware Cryptocurrency Antivirus Banking 145

eSecurity Planet

FEBRUARY 17, 2025

Simply put, they are antivirus solutions. In fact, it is one of the most popular antivirus solutions. Per 6sense, McAfee Cloud Security makes up 12.47% of the worldwide antivirus market share. 5 McAfee Total Protection is a set of five consumer security plans, including antivirus, web protection, and safety scores.

Antivirus 68

Antivirus Identity Theft VPN Spyware 68

Security Boulevard

MARCH 30, 2022

Introduction: Hacking forums often double up as underground marketplaces where cybercriminals buy, rent, and sell all kinds of malicious illegal products, including software, trojans, stealers, exploits, and leaked credentials. BlackGuard detects antivirus processes. This allows it to bypass antivirus and string-based detection.

Malware 98

Malware Hacking Antivirus Passwords 98

CyberSecurity Insiders

JANUARY 20, 2022

Cryptocurrency has been subjected to a rapidly changing balance of laws for the government to try and control it through regulation. Indeed, Vice recently reported that the US tax authorities had placed sanctions on 57 cryptocurrency addresses and one popular exchange due to their connections with money laundering. Staying ahead.

Cryptocurrency 127

Cryptocurrency Marketing Scams Government 127

Security Affairs

DECEMBER 1, 2020

Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns. Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus , Cobalt Kitty , or APT32 , is deploying cryptocurrency miners while continues its cyberespionage campaigns.

Cryptocurrency 136

Cryptocurrency Antivirus Manufacturing Government 136

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts pointed out that the number of infected systems could be far greater because data provided by AVAST are only related to systems running their antivirus solution. Pierluigi Paganini.

DNS 145

DNS Internet Internet Malware 145

SecureWorld News

JUNE 16, 2021

When it comes to hacking and cybercrime, sometimes all the focus is on the one who launches the attack. DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. One of those threat actors was just convicted in a United States courtroom.

Antivirus 52

Antivirus Malware Software Ransomware 52

Security Affairs

JANUARY 7, 2022

Experts warn that the popular antivirus product Norton 360 has installed a cryptocurrency miner on its customers’ computers. Many users ignore that Norton 360 comes with a cryptomining feature, dubbed Norton Crypto, that could allow them to earn money mining Ethereum (ETH) cryptocurrency while the customer’s computer is idle.

Energy and Utilities 98

Energy and Utilities Cryptocurrency Antivirus Hacking 98

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. .”The SecurityAffairs – hacking, Kelihos).

Antivirus 112

Antivirus Malware Software Cryptocurrency 112

Security Affairs

APRIL 26, 2020

SecurityAffairs – newsletter, hacking). Are Maze operators behind the attack on the IT services giant Cognizant? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 121

Hacking Advertising Spyware Antivirus 121

Security Affairs

SEPTEMBER 14, 2019

Researchers at Z s caler have spotted a new malware dubbed InnfiRAT that infects victims’ systems to steal cryptocurrency wallet data. . Researchers at Z s caler have discovered a new Trojan dubbed InnfiRAT that implements many standard Trojan capabilities along with the ability to steal cryptocurrency wallet data. .

Cryptocurrency 111

Cryptocurrency Malware Advertising Antivirus 111

Security Affairs

NOVEMBER 15, 2021

The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. At the time of writing, SharkBot appears to have a very low detection rate by antivirus solutions since. SecurityAffairs – hacking, SharkBot). login credentials, personal information, current balance, etc.).

Banking 143

Banking Mobile Social Engineering Malware 143

Security Affairs

MARCH 7, 2022

SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. sellsourcecode.alpha) Powerful Cleaner, Antivirus (com.pagnotto28.sellsourcecode.supercleaner).

Banking 98

Banking Antivirus Mobile Malware 98

Security Affairs

APRIL 27, 2021

Microsoft announced an improvement of its Defender antivirus that will leverage Intel’s Threat Detection Technology (TDT) to detect processes associated with crypto-miners. Cryptojacking malware allows threat actors to secretly mine for cryptocurrency abusing computational resources of the infected devices. Pierluigi Paganini.

Technology 112

Technology Malware Threat Detection Antivirus 112

Krebs on Security

MARCH 22, 2022

When I first began writing about Vrublevsky in 2009 as a reporter for The Washington Post , ChronoPay and its sister firm Red & Partners (RNP) were earning millions setting up payment infrastructure for fake antivirus peddlers and spammers pimping male enhancement drugs. The latest document in the hacked archive is dated April 2021.

Banking 235

Banking Marketing DDOS Risk 235

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. in threads asking for urgent help obtaining access to hacked businesses in South Korea.

Ransomware 277

Ransomware Accountability Cybercrime Passwords 277

Security Affairs

FEBRUARY 22, 2021

Excel documents created with the APOMacroSploit builder are capable of bypassing antivirus software, Windows Antimalware Scan Interface (AMSI), and even Gmail and other email-based phishing detection. BitRAT implements multiple features, including mining cryptocurrencies and RAT features. SecurityAffairs – hacking, apomacrosploit).

Malware 143

Malware Antivirus Phishing Cryptocurrency 143

Security Affairs

FEBRUARY 19, 2023

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy discloses a new data breach Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb German airport websites hit by DDos attacks once again Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine CISA adds Cacti, Office, Windows (..)

DDOS 98

DDOS Data breaches Ransomware Hacking 98