Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Alla Witte’s personal website — allawitte[.]nl

Cybercrime 354

Cybercrime Ransomware Passwords Banking 354

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.”

Retail 255

Retail Advertising Cryptocurrency Marketing 255

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware 337

Malware Identity Theft Cybercrime Accountability 337

Security Affairs

MARCH 10, 2025

Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. Common malware families include NJRat , XWorm, Phemedrone , and DCRat.

Cryptocurrency 82

Cryptocurrency Malware Social Engineering Antivirus 82

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Cryptocurrency 329

Cryptocurrency Financial Services Banking Government 329

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 121

Malware Advertising Antivirus Cybercrime 121

Security Affairs

JANUARY 14, 2025

A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. The Wiz Incident Response team reported that threat actors are exploiting the flaw in attacks in the wild to deploy backdoors and cryptocurrency miners. ” reads the advisory published by Wiz.

Cryptocurrency 82

Cryptocurrency Hacking Risk Cybercrime 82

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “Unfortunately, a lot of this is phishing or malware campaigns,” Donahue said. dot-gov emails get hacked.

Hacking 278

Hacking Accountability Government Social Engineering 278

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware 144

Malware Cryptocurrency Encryption Passwords 144

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising 139

Advertising Cybercrime Malware Cryptocurrency 139

Security Affairs

APRIL 2, 2025

The malware was discovered on counterfeit Android devices mimicking popular smartphone models. “The malware has broad functionality and gives attackers almost unlimited control over the gadget” The malware, embedded in the system framework, provides attackers full control over the device. 231 banking malware.

Malware 122

Malware Cryptocurrency Mobile Firmware 122

Security Affairs

APRIL 6, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor Advancements in delivery: Scripting with (..)

Malware 70

Malware Cryptocurrency Hacking Accountability 70

Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software 106

Software Cryptocurrency Malware Encryption 106

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 117

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 117

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency.

Scams 77

Scams Media Cryptocurrency Cybercrime 77

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 67

Malware Cryptocurrency Engineering Encryption 67

Security Affairs

JANUARY 30, 2025

An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. and Nulled.to.”

Cybercrime 61

Cybercrime Cryptocurrency Hacking Phishing 61

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Security Affairs

MARCH 23, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes (..)

Malware 65

Malware Threat Detection Cryptocurrency Ransomware 65

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 142

Cryptocurrency Cybercrime Media Government 142

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 112

Cryptocurrency Malware Hacking Ransomware 112

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous. They are wildly adaptable.

Malware 134

Malware Software Passwords Cryptocurrency 134

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption 117

Encryption Password Management Cryptocurrency Social Engineering 117

Security Affairs

NOVEMBER 1, 2021

Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 The following graph shows that the cryptocurrency peaked at a price of $2,861 before dropping to $0 around. ” reported GixModo.

Cryptocurrency 140

Cryptocurrency Scams Cybercrime Advertising 140

eSecurity Planet

DECEMBER 21, 2021

Cryptocurrency Fuels Ransomware. One constant in all this will be cryptocurrency, the coin of the realm when it comes to ransomware. Cryptocurrency really is fueling this in a sense. … If you were to take cryptocurrency away from that, they don’t have a convenient digital platform.

Cryptocurrency 140

Cryptocurrency Ransomware Cybercrime Social Engineering 140

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. Source: Reliaquest.com.

Hacking 307

Hacking Malware Ransomware Government 307

The Hacker News

FEBRUARY 2, 2025

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer.

Malware 127

Malware Cryptocurrency Scams Cybercrime 127

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. “web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers.

Hacking 363

Hacking Cybercrime DNS Internet 363

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. The hack of the Maza cybercrime forum was also reported by researchers at Flashpoint.

Cybercrime 145

Cybercrime Hacking DDOS Passwords 145

Security Affairs

APRIL 7, 2025

. “PoisonSeed threat actors are targeting enterprise organizations and individuals outside the cryptocurrency industry.They have been phishing CRM and bulk email providers credentials to export email lists and send bulk spam from the accounts. ” reads the report published by Silent Push. ” continues the report.

Scams 74

Scams Cryptocurrency Phishing Cybercrime 74

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Architecture IoT Ransomware 63

Security Affairs

JANUARY 11, 2025

Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. that helped crooks launder cryptocurrency. were allegedly used for laundering funds from ransomware and cybercrimes. and Sinbad.io 1, 2024, while Anton Vyachlavovich Tarasov, remains at large.

Cybercrime 74

Cybercrime Cryptocurrency Hacking Ransomware 74

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Image: treasury.gov.

Ransomware 297

Ransomware Cybercrime Accountability Malware 297

Security Affairs

JANUARY 12, 2022

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. SecurityAffairs – hacking, RedLine malware). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware 145

Malware Manufacturing Cryptocurrency Cybercrime 145

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million detections compared to 5.84

Phishing 84

Phishing Banking Scams Mobile 84

SecureWorld News

FEBRUARY 26, 2025

On February 21, 2025, the cryptocurrency world was rocked by the largest crypto heist in history. Dubai-based exchange Bybit was targeted in a malware-driven attack that resulted in the theft of approximately $1.46 Enhanced malware defense, including advanced detection and regular audits, is crucial. billion in crypto assets.

Hacking 86

Hacking Cryptocurrency Cyber threats Malware 86