Remove Antivirus Remove Cryptocurrency Remove Passwords
article thumbnail

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. One of the men indicted as part of APT41 — now 35-year-old Tan DaiLin — was the subject of a 2012 KrebsOnSecurity story that sought to shed light on a Chinese antivirus product marketed as Anvisoft. Image: FBI.

Antivirus 363
article thumbnail

FBI warns of malicious free online document converters spreading malware

Security Affairs

They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. The FBI Denver Field Office advises staying cautious online, being aware of potential risks, and keeping antivirus software updated to scan files before opening them.

Malware 114
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

SecureList

Type of data Details Browser data Cookies, credit cards, location, search history Software Installed software, antivirus solutions, running services, installed addons System info Build date (if possible), version, revision, installation date Network info Wireless interfaces, networks and passwords (extracted as plaintext) SIM SIM-card data (if applicable) (..)

Software 123
article thumbnail

AMOS and Lumma stealers actively spread to Reddit users

Malwarebytes

We were alerted to Mac and Windows stealers currently distributed via Reddit posts targeting users engaging in cryptocurrency trading. These two malware families have wreaked havoc, pillaging victims’ personal data and enabling their distributors to make substantial gains, mostly by taking over cryptocurrency wallets.

article thumbnail

An Interview With the Target & Home Depot Hacker

Krebs on Security

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “Hi, how are you?” ” he inquired.

Retail 258
article thumbnail

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. Researchers at Elastic Security Labs who first analyzed the malware confirmed it can steal keychain passwords and data from multiple browsers.

Malware 118
article thumbnail

Attackers distributing a miner and the ClipBanker Trojan via SourceForge

SecureList

The infection chain: from searching for office software to downloading an installer The downloaded archive contains another password-protected archive, installer.zip , and a Readme.txt file with the password. The installer files lack an archive password. This file contains the password for the RAR archive.