Security Affairs

JANUARY 10, 2025

The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware 118

Malware Advertising Antivirus Cybercrime 118

Krebs on Security

MARCH 11, 2024

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. “And yes, this is an extortion!!!!

Marketing 336

Marketing Scams Cryptocurrency Cybercrime 336

Security Affairs

OCTOBER 13, 2024

CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches 114

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 114

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer can also steal cryptocurrency from different wallets, including Exodus, Electrum, Coinomi, Guarda, Wasabi Wallet, Atomic and Ledger. The ZIP file is then XOR encrypted, base64 encoded, and sent via a POST request to a specified URL using the built-in cURL command. concludes the report.

Malware 142

Malware Cryptocurrency Encryption Passwords 142

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Cryptocurrency 143

Cryptocurrency Hacking InfoSec Data breaches 143

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing 271

Phishing Cryptocurrency DDOS Internet 271

Krebs on Security

MARCH 28, 2021

“web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers. Watson said the Krebsonsecurity file will attempt to open up an encrypted connection between the Exchange server and the above-mentioned IP address, and send a small amount of traffic to it each minute.

Hacking 363

Hacking Cybercrime DNS Internet 363

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Among those was the encrypted messaging app Signal , which said the breach could have let attackers re-register the phone number on another device for about 1,900 users.

Social Engineering 356

Social Engineering Mobile Passwords Cybercrime 356

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Super Bowl Sunday watchers are treated to no fewer than a half-dozen commercials for cryptocurrency investing. I will also continue to post on LinkedIn about new stories in 2023. agencies]. .”

Cryptocurrency 288

Cryptocurrency Cybercrime Computers and Electronics Scams 288

Security Affairs

MARCH 10, 2025

. “In December 2022, the above-described commercial online password manager suffered two major data breaches one in August 2022 and one in November 2022 in which the attackers stole encrypted passwords and the online password manager vault data. ” reads the complaint. ” reported KrebsOnSecurity. ” However.

Password Management 85

Password Management Cryptocurrency Passwords Data breaches 85

SecureList

JUNE 12, 2023

Introduction Stealing cryptocurrencies is nothing new. Since then, stealing cryptocurrencies has continued to occupy cybercriminals. One of the latest additions to this phenomenon is the multi-stage DoubleFinger loader delivering a cryptocurrency stealer. For example, the Mt. recovery phrases). recovery phrases).

Cryptocurrency 121

Cryptocurrency Encryption Malware Ransomware 121

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware 296

Ransomware Cybercrime Accountability Malware 296

Security Affairs

JUNE 8, 2021

Trojan Shield operation: The FBI and Australian Federal Police ran an encrypted chat platform that was used by crime gangs and intercepted their communications. The FBI and Australian Federal Police (AFP) ran an encrypted chat platform that was used by crime gangs and intercepted their communications. ” continues EUROPOL.

Encryption 132

Encryption Cryptocurrency Cybercrime Advertising 132

Security Affairs

FEBRUARY 24, 2020

The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients). And this goes beyond usernames and passwords to information that can get them immediate financial gain like credit card information and cryptocurrency wallets.”

Cybercrime 129

Cybercrime Malware Cryptocurrency Advertising 129

SecureList

FEBRUARY 5, 2025

It encrypts data with AES-256 in CBC mode before sending and decrypts server responses with AES-128 in CBC mode. The process of sending data to “rust” consists of three stages: Data is encrypted with AES-256 in CBC mode using the same key as in the case of the “http” server.

Malware 138

Malware Encryption Mobile Cryptocurrency 138

Security Affairs

OCTOBER 23, 2018

A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies. A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies, and implements new features. Pierluigi Paganini.

Marketing 105

Marketing Cybercrime Cryptocurrency Advertising 105

Security Affairs

MARCH 18, 2025

Once deployed, StilachiRAT scans configuration data from tens of cryptocurrency wallet extensions to steal digital assets. StilachiRAT can extract Chromes encrypted encryption_key and decrypts it using Windows APIs to access stored credentials. It retrieves login data from SQLite databases and sends it to the attacker.

Malware 110

Malware Cryptocurrency Encryption Passwords 110

Krebs on Security

NOVEMBER 26, 2018

In reality, the [link] part of the address (also called “ Secure Sockets Layer ” or SSL ) merely signifies the data being transmitted back and forth between your browser and the site is encrypted and can’t be read by third parties. A live Facebook phish that uses SSL (has the green padlock).

Phishing 279

Phishing Scams Cryptocurrency Internet 279

Security Affairs

MARCH 13, 2025

Medusa operators leverage legitimate remote access tools like AnyDesk, Atera, and Splashtop, alongside RDP and PsExec, to move laterally and locate files for exfiltration and encryption. Encryption is executed using gaze.exe , which disables security tools, deletes backups, and encrypts files with AES-256 before dropping a ransom note.

Ransomware 67

Ransomware Encryption Cryptocurrency Insurance 67

Krebs on Security

FEBRUARY 20, 2024

Kondratyev is also charged (PDF) with three criminal counts arising from his alleged use of the Sodinokibi (aka “ REvil “) ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California. An FBI wanted poster for Matveev.

Ransomware 326

Ransomware Cybercrime Encryption Insurance 326

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Conclusion: cybersecurity and cybercrime have matured.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

Krebs on Security

JUNE 2, 2020

Lawrence Abrams , editor of the computer help and news Web site BleepingComputer , said while some ransomware groups have a history of selling victim data on cybercrime forums, this latest move by REvil may be just another tactic used by criminals to force victims to negotiate a ransom payment. and Europe in early March.”

Ransomware 340

Ransomware Backups Encryption Internet 340

Security Affairs

JUNE 7, 2019

million Ripple coins (XRP), worth nearly $10 million, from the users of the GateHub cryptocurrency wallet service. million Ripple coins (XRP), worth nearly $10 million, from the users of the GateHub cryptocurrency wallet service. Cyber criminals stole 3.2 A new cyber heist made the headlines, crooks stole 3.2 Pierluigi Paganini.

Cryptocurrency 109

Cryptocurrency Accountability Advertising Hacking 109

Security Affairs

DECEMBER 8, 2024

Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49

Artificial Intelligence 101

Artificial Intelligence Spyware Hacking Ransomware 101

Security Affairs

SEPTEMBER 19, 2022

AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots, the experts associated them with the cybercrime gang TeamTNT. ” continue the experts.

Encryption 98

Encryption Cybercrime Hacking Malware 98

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. Cracking down hard on the cybercrime world.

Cryptocurrency 141

Cryptocurrency Banking Cybercrime Ransomware 141

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption 98

Encryption Malware Cryptocurrency Software 98

Security Affairs

MARCH 23, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes (..)

Malware 63

Malware Threat Detection Cryptocurrency Ransomware 63

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. targets over 200 banking and cryptocurrency exchange apps. The malware encrypts the files inside the infected devices using an AES algorithm and renaming them with the extension “.enc”.

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

FEBRUARY 23, 2025

from Bybit, it is the largest cryptocurrency heist ever Apple removes iCloud encryption in UK following backdoor demand B1acks Stash released 1 Million credit cards U.S. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lazarus APT stole $1.5B

Malware 64

Malware Scams Encryption Phishing 64

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Initially, these attacks involved malicious software that encrypts a victim’s data, rendering it inaccessible until a ransom is paid to the attackers. She is also a regular writer at Bora.

Ransomware 139

Ransomware Cryptocurrency Insurance Cybercrime 139

Security Affairs

JANUARY 12, 2022

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The malicious code can also act as a first-stage malware. Pierluigi Paganini.

Malware 145

Malware Manufacturing Cryptocurrency Cybercrime 145

Security Affairs

MAY 2, 2024

“Ransomware is malicious software designed to encrypt data on victim computers, allowing bad actors the ability to demand a ransom payment in exchange for the decryption key.” victims, and we are disrupting the broader cybercrime ecosystem.” .” reads the press release published by DoJ.

Ransomware 124

Ransomware Cryptocurrency Cybercrime Encryption 124

Malwarebytes

JUNE 16, 2021

According to a press release issued by Ukrainian authorities, law enforcement officials also shut down infrastructure that was used to spread the cybercrime gang’s ransomware, which was first spotted in February of 2019 as a new variant of the Cryptomix family.

Ransomware 124

Ransomware Cybercrime Cryptocurrency Encryption 124

CyberSecurity Insiders

FEBRUARY 8, 2021

Later security firm ENKI said that Lazarus could have carried out the latest file encrypting malware attack by exploiting a zero day vulnerability in Internet Explorer browser of Windows operating system. Note- Lazarus group aka Guardians of Peace is a Cybercrime group that is being funded by North Korean intelligence- as per US Intelligence.

Ransomware 134

Ransomware Social Engineering Cryptocurrency Cybercrime 134

Malwarebytes

NOVEMBER 11, 2021

Of course, we’re interested from a cybercrime point of view. Cybercrime. Cybercrime in this report includes the creation and spread of malware, hacking to steal sensitive personal or industry data, denial of service attacks to cause financial and/or reputational damage, and other criminal activities. So let’s dig in.

Cybercrime 115

Cybercrime Encryption Cryptocurrency Advertising 115

Malwarebytes

SEPTEMBER 19, 2023

Since then, cybercrime group specialists from the North Rhine-Westphalia State Criminal Police Office (LKA NRW), together with the Cybercrime Central and Contact Point (ZAC NRW), carried out another targeted strike against people associated with the criminal network. Stop malicious encryption.

Ransomware 136

Ransomware Backups Cryptocurrency Cybercrime 136