The Hacker News

AUGUST 16, 2024

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures.

Architecture 140

Architecture Cryptocurrency Cybercrime Malware 140

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime 130

Cybercrime Malware Cryptocurrency Advertising 130

SecureList

MARCH 31, 2022

For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed. Backdoor creation.

Malware 145

Malware Encryption Cryptocurrency Architecture 145

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. ” reads the analysis published by AquaSec. Pierluigi Paganini.

Malware 145

Malware DDOS Architecture Cryptocurrency 145

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. The attack starts with a shell script that downloads binaries for various architectures (ARM, MIPS, X86), extracts a command-and-control (C2) server from an encrypted configuration, and connects to it.

Malware 134

Malware Telecommunications Encryption DDOS 134

Security Affairs

MARCH 13, 2021

Kaspersky researchers spotted a new variant of the XCSSET Mac malware that compiled for devices running on Apple M1 chips. The malware also allows attackers to capture screenshots and exfiltrate stolen documents to the attackers’ server. Recently experts spotted other malware specifically designed to infect Mac running on M1 chips.

Malware 119

Malware Adware Architecture Antivirus 119

Security Affairs

JUNE 27, 2023

An unnamed Japanese cryptocurrency exchange was the victim of a cyber attack aimed at deploying an Apple macOS backdoor named JokerSpy. Elastic Security Labs researchers provided details about a recently discovered intrusion at an unnamed cryptocurrency exchange, aimed at deploying an Apple macOS backdoor named JokerSpy.

Cryptocurrency 98

Cryptocurrency Spyware Malware Architecture 98

Security Affairs

APRIL 23, 2021

Researchers from Trend Micro have spotted a new Linux botnet employing multiple emerging techniques among cyber-criminals, including the use of Tor proxies, the abuse of legitimate DevOps tools, and the removal or deactivation of competing malware. for spreading.

Architecture 137

Architecture Cryptocurrency Malware Technology 137

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The second-stage malware extracts and executes the third-stage binary.

Malware 104

Malware Cryptocurrency Architecture Advertising 104

Security Affairs

SEPTEMBER 24, 2020

Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Alien first appeared in the threat landscape early this year, its model of sale is Malware-as-a-Service (MaaS) and is advertised on several underground hacking forums.

Banking 110

Banking Malware Advertising Architecture 110

Heimadal Security

APRIL 26, 2021

At first, the researchers noticed the use of a multi-component architecture and the worm (propagator) modules, with the botnet being upgraded to use a single binary able of mining and auto-spreading the malware to other devices. The post A New Cryptomining Malware Is Building an Army of Bots appeared first on Heimdal Security Blog.

Malware 98

Malware Architecture Cryptocurrency Cybersecurity 98

Security Affairs

OCTOBER 7, 2020

Experts noticed that the malware supports multiple CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III) and PPC, it is written in the Go open-source programming language. Upon gaining access to the device, the bot downloads one of seven binaries that install the HEH malware. ” concludes the post.

Architecture 134

Architecture IoT Malware Advertising 134

Security Affairs

SEPTEMBER 27, 2022

Threat actors behind the new ‘Erbium’ information-stealing malware are distributing it as fake cracks and cheats for popular video games to steal victims’ credentials and cryptocurrency wallets. The Erbium info-stealing malware was first spotted by researchers at threat intelligence firm Cluster25 on July 21, 2022.

Malware 98

Malware Password Management Passwords Authentication 98

SecureList

OCTOBER 4, 2024

While trying to deliver malware on victims’ devices and stay on them as long as they can, sometimes attackers are using quite unusual techniques. Malware was also distributed through Telegram channels targeted at crypto investors and in descriptions and comments on YouTube videos about cryptocurrency, cheats and gambling.

Scams 145

Scams Cryptocurrency Malware Software 145

Security Affairs

JULY 3, 2023

Researchers spotted a new version of the RustBucket Apple macOS malware that supports enhanced capabilities. Researchers from the Elastic Security Labs have spotted a new variant of the RustBucket Apple macOS malware. The RustBucket malware allows operators to download and execute various payloads.

Malware 98

Malware Architecture Cryptocurrency Hacking 98

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos.

Architecture 106

Architecture Cryptocurrency Malware Advertising 106

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Background of Latin American Trojans.

Antivirus 133

Antivirus Malware Banking Internet 133

Security Affairs

NOVEMBER 9, 2021

Threat actors execute malicious scripts to deploy Monero cryptocurrency miners, perform container-to-host escape using well-known techniques, and scan the Internet for exposed ports from other compromised containers. The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs.

Cryptocurrency 116

Cryptocurrency Malware Cybercrime Architecture 116

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT 111

IoT Cryptocurrency Malware Advertising 111

Centraleyes

DECEMBER 16, 2024

Zero Trust Architecture (ZTA) Expands The Zero Trust model, which focuses on verifying every person and device attempting to access a system, is gaining ground as a best practice in cybersecurity. We are seeing increased use of AI to automate attacks, including malware generation and phishing campaigns.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Risk 98

The Last Watchdog

JANUARY 4, 2022

Legacy security architectures just don’t fit this massively complex, highly dynamic environment. So they’ve kept their hacking teams busy utilizing APIs as conduits to move laterally inside breached networks, to locate valuable assets, to steal data and to embed malware. Attack chain multiplier.

Digital transformation 260

Digital transformation Hacking Architecture Cyber Risk 260

Security Affairs

JUNE 19, 2024

A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the attackers behind Spinning YARN campaign. The threat actors target publicly exposed and unsecured Docker API endpoints for initial access.

Internet 135

Internet Internet Malware Architecture 135

Security Affairs

JULY 24, 2018

.” The Trend Micro researchers’ analysis shows a fairly typical command & control (C&C) malware infection process with many similarities to the Satori variant of the Mirai botnet. Since it appears to be killing Monero mining processes, the compromised devices could be retasked to mine cryptocurrency for a different group.

Cryptocurrency 70

Cryptocurrency IoT Mobile Advertising 70

Security Affairs

JUNE 26, 2024

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in attacks against Redis servers, aimed at deploying both ransomware and cryptocurrency mining payloads.

Ransomware 126

Ransomware Malware Cryptocurrency Passwords 126

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. During that time, it had effectively evaded analysis and had previously been misclassified as a cryptocurrency miner.

Malware 144

Malware DNS Encryption Ransomware 144

Security Affairs

NOVEMBER 14, 2022

Researchers spotted a new evasive malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak credentials. Akamai Security Research discovered a new evasive Golang-based malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak login credentials.

DDOS 98

DDOS Malware Cryptocurrency Architecture 98

Security Affairs

AUGUST 28, 2023

KmsdBot is an evasive Golang-based malware that was first detected by Akamai in November 2022, it infects systems via an SSH connection that uses weak login credentials. The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks.

IoT 98

IoT DDOS Architecture Internet 98

Security Affairs

SEPTEMBER 29, 2018

According to experts from Avast, the Torii bot has been active since at least December 2017, it could targets a broad range of architectures, including ARM, MIPS, x86, x64, PowerPC, and SuperH. The Torii IoT botnet stands out for the largest sets of architectures it is able to target. ” reads the analysis published by Avast.

IoT 110

IoT Architecture Advertising DDOS 110

NopSec

MARCH 29, 2023

Another day goes by, another latest and greatest security breach affects the cryptocurrency world. With this blog post, I would like to shed light on the components of cryptocurrency infrastructure and how to threat model these various elements. Miners are then rewarded with a certain amount of cryptocurrency to find a valid block.

Cryptocurrency 52

Cryptocurrency Accountability Malware Architecture 52

Security Affairs

SEPTEMBER 23, 2018

Feedify cloud service architecture compromised by MageCart crime gang. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms. Sustes Malware: CPU for Monero. Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange. 20% discount. Kindle Edition.

Computers and Electronics 84

Computers and Electronics Cryptocurrency Data breaches Advertising 84

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency 59

Cryptocurrency Risk Marketing Architecture 59

Security Affairs

MARCH 30, 2021

The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. Half of the images discovered by the expert were using a shared mining pool, by he estimated that threat actors mined US$200,000 worth of cryptocurrencies in a two-year period.

Cryptocurrency 104

Cryptocurrency Accountability Architecture Software 104

Security Affairs

JUNE 22, 2019

The ADB could be abused by malware to target Android phones through the port 5555. “We observed a new cryptocurrency-mining botnet malware that arrives via open ADB (Android Debug Bridge) ports and can spread via SSH. “This botnet malware also tries to block its competitor by modifying /etc/hosts. .

Cryptocurrency 99

Cryptocurrency Malware Advertising Firmware 99

Security Affairs

APRIL 28, 2020

The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations. During our daily monitoring activities, we intercepted a singular Linux malware trying to penetrate the network of some of our customers. Introduction. Technical Analysis.

Architecture 133

Architecture Malware Hacking DDOS 133

Security Affairs

FEBRUARY 27, 2019

Security researchers at Cisco Talos are warning of a spike in attacks on unsecured Elasticsearch clusters to drop cryptocurrency miners. The experts observed a second threat actor using the exploit for the CVE-2014-3120 to deliver a malicious code that is a derivative of the Bill Gates DDoS malware. ” Talos concludes.

Advertising 108

Advertising Cryptocurrency Malware DDOS 108

CyberSecurity Insiders

JANUARY 26, 2022

Other cybersecurity subjects realized substantial year-over-year growth, including privacy (up 90%), identity (up 50%), application security (up 45%), malware (up 34%), governance (up 35%), and cybersecurity compliance (up 30%). For example, content use about ransomware nearly tripled (a 270% increase).

Data breaches 84

Data breaches Cybersecurity Cryptocurrency Technology 84