Antivirus, Cryptocurrency and Malware - Cyber Security Informer

Hackers hijack antivirus updates to drop GuptiMiner malware

Bleeping Computer

APRIL 23, 2024

North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware. [.]

Antivirus

Antivirus Malware Cryptocurrency

Hackers hijacked the eScan Antivirus update mechanism in malware campaign

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus

Antivirus Malware DNS Cryptocurrency

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

The Hacker News

APRIL 24, 2024

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks.

Antivirus

Antivirus Cryptocurrency Malware Hacking

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware

Malware Cryptocurrency Software Phishing

Backdoors and Miners Amid eScan Antivirus Backdoor Exploit

Security Boulevard

MAY 10, 2024

Recently, a wave of malware attacks has surfaced, exploiting vulnerabilities in the update mechanism of the eScan antivirus software. This eScan antivirus backdoor exploit distributes backdoors and cryptocurrency miners, such as XMRig, posing a significant threat to large corporate networks.

Antivirus

Antivirus Cryptocurrency Software Malware

Fake AV websites used to distribute info-stealer malware

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The fake websites were masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes. exe.zip), malwarebytes.pro (MBSetup.rar). bitdefender-app[.]com

Malware

Malware Antivirus Cryptocurrency Hacking

US Government Exposes North Korean Malware

Schneier on Security

MAY 14, 2020

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. It's interesting to see the US government take a more aggressive stance on foreign malware. Me, I like reading the codenames.

Government

Government Malware Antivirus Cryptocurrency

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. At the time, North Korea-linked Lazarus APT group leveraged for the first time on a MacOS variant of the Fallchill malware.

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable

The Hacker News

NOVEMBER 26, 2021

A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his

Malware

Malware Antivirus Cryptocurrency Ransomware

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

OCTOBER 22, 2024

These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. You are then guided to execute PowerShell code designed to “fix” the supposed problem, unwittingly allowing malware to infiltrate their systems.

Scams

Scams Malware Phishing Social Engineering

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. WeSteal is a Python-based malware that uses regular expressions to search for strings related to wallet addresses that victims have copied to their clipboard. There is the name of the malware itself.

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Background of Latin American Trojans.

Antivirus

Antivirus Malware Banking Internet

GUEST ESSAY: Securing your cryptocurrency — best practices for Bitcoin wallet security

The Last Watchdog

SEPTEMBER 6, 2023

Over time, Bitcoin has become the most widely used cryptocurrency in the world. To avoid potential vulnerabilities, keep your operating system, antivirus software, and other security tools up to date. As the use of Bitcoin has grown, so have the number of phishing and malware attempts that prey on naïve users.

Cryptocurrency

Cryptocurrency Backups Passwords Software

Convicted: He Helped Cybercriminals Evade Antivirus

SecureWorld News

JUNE 16, 2021

DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. In other words, it could fool antivirus into believing there was no threat and no security reason to deny the malware access to a particular system.

Antivirus

Antivirus Malware Software Ransomware

8 Tips to protect your devices from malware attacks

Webroot

OCTOBER 4, 2024

The most common form of cyberattack is malware , a type of software that’s used to break into your computer system. Last year alone, there were more than 6 billion malware attacks detected worldwide. Some of the many forms of malware include: Ransomware : Prevents you from accessing your files, devices or network unless you pay money.

Malware

Malware Backups Adware Ransomware

Convicted: He Helped Cybercriminals Evade Antivirus

SecureWorld News

JUNE 16, 2021

DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. In other words, it could fool antivirus into believing there was no threat and no security reason to deny the malware access to a particular system.

Antivirus

Antivirus Malware Software Ransomware

Satacom delivers browser extension that steals cryptocurrency

SecureList

JUNE 5, 2023

Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom.

Cryptocurrency

Cryptocurrency DNS Malware Encryption

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . Researchers from Avast have spotted a strain of cryptocurrency miner, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. ” continues the report.

Antivirus

Antivirus Cryptocurrency Malware Software

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

SecureList

NOVEMBER 6, 2024

It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device. Technical Details Background In August 2024, we stumbled upon a massive infection caused by an unknown bundle consisting of miner and stealer malware. SteelFox.gen , Trojan.Win64.SteelFox.*. SteelFox.*.

Software

Software Cryptocurrency Malware DNS

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking

Banking Malware Antivirus Phishing

Microsoft Defender uses Intel TDT technology against crypto-mining malware

Security Affairs

APRIL 27, 2021

Microsoft announced an improvement of its Defender antivirus that will leverage Intel’s Threat Detection Technology (TDT) to detect processes associated with crypto-miners. Cryptojacking malware allows threat actors to secretly mine for cryptocurrency abusing computational resources of the infected devices.

Technology

Technology Malware Threat Detection Antivirus

Under the Mask of Copyright: How Phishing Attacks Are Evolving

Centraleyes

NOVEMBER 7, 2024

Fake copyright infringement notices are sweeping across inboxes globally, hitting hundreds of companies with a new and devious malware campaign. But instead of legal documents, victims are met with a decoy and a hidden malware file. ” Meet Rhadamanthys: The Malware with a $1,000 Price Tag This isn’t your run-of-the-mill malware.

Phishing

Phishing Antivirus Malware Cryptocurrency

Windows Malware that Mines for Crypto ‘Crackonosh’ Used by Hackers to Infect Gamers’ PCs

Heimadal Security

JUNE 28, 2021

Security specialists have recently discovered that Crackonosh, a new strain of cryptocurrency-mining malware dispensed through pirated and cracked versions of popular online games is destroying antivirus solutions and secretively mining cryptocurrency in multiple countries.

Malware

Malware Cryptocurrency Antivirus Software

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware

Malware Antivirus Phishing Cryptocurrency

Discover 2022’s Nastiest Malware

Webroot

OCTOBER 14, 2022

In other words, 2022 has been an eventful year in the threat landscape, with malware continuing to take center stage. The 6 Nastiest Malware of 2022. With that, here are the 6 Nastiest Malware of 2022. The post Discover 2022’s Nastiest Malware appeared first on Webroot Blog. 2022 was no different.

Malware

Malware Antivirus DDOS Cyber Insurance

Crooks made more than $560K with a simple clipboard hijacker

Security Affairs

APRIL 19, 2021

Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018.

Cryptocurrency

Cryptocurrency Hacking Malware Banking

New Linux Malware Shikitega Can Take Full Control of Devices

eSecurity Planet

SEPTEMBER 15, 2022

AT&T Alien Labs has discovered a new Linux malware that can be used for highly evasive attacks, as the infection has been designed for persistence and runs on practically all kinds of Linux devices. Researchers dubbed the malware “Shikitega.” Five Scripts Provide Persistence. Cybercriminals Use C2 Servers to Deploy Cryptominer.

Malware

Malware Social Engineering System Administration Antivirus

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware

Malware Banking Healthcare Penetration Testing

Threat actors target crypto and NFT communities with Babadeda crypter

Security Affairs

NOVEMBER 26, 2021

Morphisec researchers spread cryptocurrency malware dubbed Babadeda in attacks aimed at crypto and NFT communities. Morphisec researchers spotted a new crypto-malware strain, tracked as Babadeda, targeting cryptocurrency, non-fungible token (NFT), and DeFi passionates through Discord channels.

Cryptocurrency

Cryptocurrency Malware Antivirus Phishing

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan. Coinbase, BitPay, and Coinbase), and banks (i.e.

Malware

Malware Banking Mobile Advertising

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”

Retail

Retail Advertising Cryptocurrency Marketing

Fake DDoS protection pages on compromised WordPress sites lead to malware infections

Security Affairs

AUGUST 21, 2022

Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. Recently security experts from Sucuri, spotted JavaScript injections targeting WordPress sites to display fake DDoS Protection pages which lead victims to download remote access trojan malware. Pierluigi Paganini.

DDOS

DDOS Malware Antivirus Firewall

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware

Malware Adware Spyware Antivirus

Microsoft Defender now blocks cryptojacking malware using Intel TDT

Bleeping Computer

APRIL 26, 2021

Microsoft today announced that Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus, now comes with support for blocking cryptojacking malware using Intel's silicon-based Threat Detection Technology (TDT). [.].

Malware

Malware Antivirus Threat Detection Technology

Scam Information and Event Management

SecureList

OCTOBER 4, 2024

While trying to deliver malware on victims’ devices and stay on them as long as they can, sometimes attackers are using quite unusual techniques. Malware was also distributed through Telegram channels targeted at crypto investors and in descriptions and comments on YouTube videos about cryptocurrency, cheats and gambling.

Scams

Scams Cryptocurrency Malware Software

Cryptocurrency Attacks to be Aware of in 2021

Digital Shadows

JUNE 7, 2021

It’s been a pretty big year so far for cryptocurrency. Cryptocurrencies’ current total market cap sits just above $1.7 The cryptocurrency exchange Coinbase recently launched an IPO, India has reversed a ban on cryptocurrencies, and ransomware groups continue to demand payment in anonymity-based cryptocurrency.

Cryptocurrency

Cryptocurrency Phishing Advertising Antivirus

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. ” reads the report. ” concludes ESET.

Cryptocurrency

Cryptocurrency Antivirus Malware Advertising

Cryptocurrency miners infected more than 50% of the European airport workstations

Security Affairs

OCTOBER 17, 2019

European airport systems were infected with a Monero cryptocurrency miner that was linked to the Anti-CoinMiner campaign discovered this summer by Zscaler researchers. . Experts pointed out that the Monero miners were installed on the European airport systems, even if they were running an industry-standard antivirus.

Cryptocurrency

Cryptocurrency Antivirus Advertising Malware

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

Security Boulevard

MARCH 30, 2022

Malware-as-a-service has contributed substantially to the growth of ransomware and phishing attacks (among other attack types) in the past year, as they lower the technical barrier to entry for criminals to carry out attacks. Blackguard is currently being sold as malware-as-a-service with a lifetime price of $700 and a monthly price of $200.

Malware

Malware Hacking Antivirus Passwords

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. The infection chain. What should we learn from this?

Malware

Malware Computers and Electronics Encryption Ransomware

SharkBot, the new generation banking Trojan distributed via Play Store

Security Affairs

MARCH 7, 2022

SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. The malware was spotted at the end of October by researchers from cyber security firms Cleafy and ThreatFabric, the name comes after one of the domains used for its command and control servers.

Banking

Banking Antivirus Mobile Malware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 29, 2024

CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw International law enforcement operation dismantled criminal communication platform Ghost U.S.

Hacking

Hacking Ransomware Antivirus Cybercrime

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection.

Antivirus

Antivirus Malware Software Cryptocurrency

Hackers hijack antivirus updates to drop GuptiMiner malware

Hackers hijacked the eScan Antivirus update mechanism in malware campaign

Trending Sources

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

Calendar Meeting Links Used to Spread Mac Malware

Backdoors and Miners Amid eScan Antivirus Backdoor Exploit

Fake AV websites used to distribute info-stealer malware

US Government Exposes North Korean Malware

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable

Deceptive Google Meet Invites Lures Users Into Malware Scams

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

GUEST ESSAY: Securing your cryptocurrency — best practices for Bitcoin wallet security

Convicted: He Helped Cybercriminals Evade Antivirus

8 Tips to protect your devices from malware attacks

Convicted: He Helped Cybercriminals Evade Antivirus

Satacom delivers browser extension that steals cryptocurrency

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

Grandoreiro banking malware targets Mexico and Spain

Microsoft Defender uses Intel TDT technology against crypto-mining malware

Under the Mask of Copyright: How Phishing Attacks Are Evolving

Windows Malware that Mines for Crypto ‘Crackonosh’ Used by Hackers to Infect Gamers’ PCs

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Discover 2022’s Nastiest Malware

Crooks made more than $560K with a simple clipboard hijacker

New Linux Malware Shikitega Can Take Full Control of Devices

Top 10 Malware Strains of 2021

Threat actors target crypto and NFT communities with Babadeda crypter

New Android BlackRock malware targets hundreds of apps

An Interview With the Target & Home Depot Hacker

Fake DDoS protection pages on compromised WordPress sites lead to malware infections

Types of Malware & Best Malware Protection Practices

Microsoft Defender now blocks cryptojacking malware using Intel TDT

Scam Information and Event Management

Cryptocurrency Attacks to be Aware of in 2021

New KryptoCibule Windows Trojan spreads via malicious torrents

Cryptocurrency miners infected more than 50% of the European airport workstations

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

Wannacry, the hybrid malware that brought the world to its knees

SharkBot, the new generation banking Trojan distributed via Play Store

The Most Common Types of Malware in 2021

Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Stay Connected