Cryptocurrency, Cybercrime and Manufacturing

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Phishing Cryptocurrency DDOS Internet

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

JANUARY 12, 2022

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The malicious code can also act as a first-stage malware. Pierluigi Paganini.

Malware

Malware Manufacturing Cryptocurrency Cybercrime

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. Thus, 60% of the total amount was stolen from Coincheck , a Japanese cryptocurrency exchange.

Cybercrime

Cybercrime Hacking Banking Phishing

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. ” In a lengthy thread about the LockBit takedown on the Russian-language cybercrime forum XSS, one of the gang’s leaders said the FBI and the U.K.’s

Ransomware

Ransomware Cybercrime Encryption Insurance

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

“In one year, people who worked with us have earned over US $2 billion,” read the farewell post by the eponymous GandCrab identity on the cybercrime forum Exploit[.]in That email address and nickname had been used since 2009 to register multiple identities on more than a half dozen cybercrime forums. Vpn-service[.]us

Ransomware

Ransomware Accountability Cybercrime Passwords

Is the Value of Bitcoin Tied to Ransomware Rates?

Webroot

APRIL 7, 2021

With investors currently bullish on Bitcoin, is its high value is driving cybercriminals to pursue crypto-generating forms of cybercrime like ransomware and illicit miners? Not necessarily, says threat researcher and cryptocurrency expert Tyler Moffitt. At time of writing, the value of one Bitcoin is north of $58 thousand.

Ransomware

Ransomware Cryptocurrency Marketing Cybercrime

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns. Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus , Cobalt Kitty , or APT32 , is deploying cryptocurrency miners while continues its cyberespionage campaigns.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

As of February 2025, Medusa developers and affiliates have impacted over 300 victims from a variety of critical infrastructure sectors with affected industries including medical, education, legal, insurance, technology, and manufacturing.” Victims can additionally pay $10,000 USD in cryptocurrency to add a day to the countdown timer.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

North Korea dedicates a hacking group to fund cyber crime

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. On April 3 of this year, Google’s Threat Analysis Group (TAG) announced that APT43 was in-volved in cryptocurrency theft and digital currency laundering.

Hacking

Hacking Social Engineering Cryptocurrency Manufacturing

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

“A Russian, suspected of having recovered in cryptocurrencies the money taken from French victims of the powerful Hive ransomware , dismantled in January, was arrested last week, AFP learned on Tuesday December 12 from the judicial police.” anti-cybercrime (Ofac).” anti-cybercrime (Ofac).”

Ransomware

Ransomware Cryptocurrency Cybercrime VPN

HIVE Ransomware Shut Down by International Law Enforcement

SecureWorld News

JANUARY 27, 2023

The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries. Cybercrime is a constantly evolving threat.

Ransomware

Ransomware Cybercrime Cryptocurrency Telecommunications

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

Cryptocurrency ATM maker General Bytes suffered a security breach over the weekend, the hackers stole $1.5M worth of cryptocurrency. Cryptocurrency ATM manufacturers General Bytes suffered a security incident that resulted in the theft of $1.5M worth of cryptocurrency.

Cryptocurrency

Cryptocurrency VPN Manufacturing Firewall

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

JANUARY 7, 2022

The cybercrime marketplace also continued to get more robust while the barrier to entry for malicious actors continued to drop. This has created a perfect breeding ground for aspiring cybercriminals and organized cybercrime groups that support newcomers with venture capitalist-style funding. Cryptocurrency.

Cybercrime

Cybercrime Ransomware Phishing Cryptocurrency

Acer Hit with Highest Ransomware Demand Ever

SecureWorld News

MARCH 25, 2021

Computer manufacturer Acer is facing a challenging task this week. A $50 million ransomware demand has been made against the company by the REvil cybercrime group, which is reportedly the largest known ransomware demand ever made. Acer responds to ransomware situation.

Ransomware

Ransomware Computers and Electronics Manufacturing Cybercrime

How Secure Are Bitcoin Wallets, Really?

Security Affairs

OCTOBER 8, 2018

However, purchasers of Bitcoin wallets — the software programs that facilitate storing someone’s cryptocurrency-related wealth — usually have one priority topping their lists: security. His tale of woe proves a hacker couldn’t contact a Bitcoin wallet manufacturer, masquerade as a wallet owner and get the goods for access.

Hacking

Hacking Cryptocurrency Advertising Manufacturing

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Security Affairs

JULY 2, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Hacking

Hacking Ransomware Cybercrime Malware

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

Security Affairs

APRIL 26, 2021

Attackers are exploiting the ProxyLogon flaws in Microsoft Exchange to recruit machines in a cryptocurrency botnet tracked as Prometei. Attackers are exploiting the ProxyLogon flaws in Microsoft Exchange to recruit machines in a cryptocurrency botnet tracked as Prometei. ” concludes the report.

Malware

Malware Cryptocurrency Retail Insurance

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

In wider action coordinated by Europol, two LockBit actors have been arrested this morning in Poland and Ukraine, over 200 cryptocurrency accounts linked to the group have been frozen.” “The technical infiltration and disruption is only the beginning of a series of actions against LockBit and their affiliates.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Financial Services

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. While the resource was down, cryptocurrency newbies were invited to download a copy of Bitcoin Core via a torrenting service. Overall, Q4 remained within the parameters of 2020 trends.

DDOS

DDOS Cryptocurrency Marketing Internet

KmsdBot, a new evasive bot for cryptomining activity and DDoS attacks

Security Affairs

NOVEMBER 14, 2022

The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

DDOS

DDOS Malware Cryptocurrency Architecture

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

The campaign began in June 2022 and is still ongoing, the attacks hit organizations in multiple industries, such as Automotive, Chemicals Manufacturing, and others. ” reads the post published by Zscaler. That’s not all. Grandoreiro is a continuously evolving threat that represents a serious threat to organizations worldwide.

Banking

Banking Malware Antivirus Phishing

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

In wider action coordinated by Europol, two LockBit actors have been arrested this morning in Poland and Ukraine, over 200 cryptocurrency accounts linked to the group have been frozen.” . “The technical infiltration and disruption is only the beginning of a series of actions against LockBit and their affiliates.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Financial Services

Security Affairs newsletter Round 236

Security Affairs

OCTOBER 20, 2019

Winnti Group was planning a devastating supply-chain attack against Asian manufacturer. Chinese-speaking cybercrime gang Rocke changes tactics. Cryptocurrency miners infected more than 50% of the European airport workstations. Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack.

Data breaches

Data breaches Advertising Ransomware Manufacturing

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Finally, negotiations with the victims may be handled by yet another team and when the ransom is paid out, a whole new set of skills is needed to launder the cryptocurrency obtained. They interact with each other through internet handles, paying for services with cryptocurrency. Monero (XMR) cryptocurrency is used for payment.

Ransomware

Ransomware Encryption Malware Cybercrime

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks. The malicious code was used in attacks targeting multiple sectors including the gaming industry, technology industry, and luxury car manufacturers.

IoT

IoT DDOS Architecture Internet

Xenomorph malware is back after months of hiatus and expands the list of targets

Security Affairs

SEPTEMBER 26, 2023

“In addition, the samples identified by ThreatFabric featured configurations with Target lists made of more than 400 banking and financial institutions , including several cryptocurrency wallets , with an increase of more than 6 times with comparison to its previous variants, including financial institutions from all continents.”

Malware

Malware Banking Phishing Engineering

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. According to the 2021 IBM Threat Force Intelligence Index , Manufacturing was the industry most likely to be attacked last year, comprising 23.2% One particularly potent emergent technology for scammers is blockchain and the related cryptocurrency and NFTs.

Social Engineering

Social Engineering Energy and Utilities Phishing Internet

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively.” Experts warn that the Energy sector was a major focus of this campaign, followed by manufacturing, and insurance. ” continues the report.

Phishing

Phishing Energy and Utilities Insurance Manufacturing

Cybersecurity Landscape

Spinone

NOVEMBER 22, 2018

The Internet of Things devices create a rapidly growing network of connected objects that frequently were manufactured without taking the security issues into consideration; so additional data protection or encryption can not be implemented. Spending on Cyber Security Why is the cybersecurity market expanding so rapidly?

Cybersecurity

Cybersecurity Cyber Risk Marketing Risk

The Analyst Prompt #20: Attack Against Tata Power Highlights Cyber Risk to India’s Growing and Increasingly Connected Population?

Security Boulevard

OCTOBER 27, 2022

8 ) Deadbolt first targeted storage devices manufactured by Taiwan-based company QNAP, for which patches have been available since early this year. ( 8 ) Deadbolt first targeted storage devices manufactured by Taiwan-based company QNAP, for which patches have been available since early this year. (

Cyber Risk

Cyber Risk Risk Cryptocurrency Backups

3CX Hit with Massive Supply Chain Attack

SecureWorld News

APRIL 4, 2023

Lazarus has gained notoriety over the last few years with some high-profile incidents, including targeting cryptocurrency and blockchain organizations, as well as the energy sector in the U.S., Denying the problem and pointing at the manufacturers of security software until the evidence is clear paints a horrible picture.

CSO

CSO Software Manufacturing Cryptocurrency

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

The US, manufacturing sector, and professional, scientific, and technical services (PSTS) sector are primary targets amidst an overall increase in ransomware attacks. Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

Advanced threat predictions for 2025

SecureList

NOVEMBER 25, 2024

This is particularly notable in the case of Lazarus APT, specifically its attacks against cryptocurrency investors in May. In general, we’ve observed hacktivists in the Russo-Ukrainian conflict become more skilled and more focused on attacking large organizations such as government, manufacturing and energy entities.

IoT

IoT Energy and Utilities Phishing Cryptocurrency

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

APRIL 28, 2020

Based on our findings, there are some similarities in both techniques and architectures with another cybercrime group, which appeared in the wild around 2012, most probably Romanian. Technical Analysis. As previously mentioned, the infection chain starts with the hack of a Linux server, after a SSH brute-force attack as shown in Fig.1.

Architecture

Architecture Malware Hacking DDOS

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

The US, manufacturing sector, and professional, scientific, and technical services (PSTS) sector are primary targets amidst an overall increase in ransomware attacks. Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. A DIRECT QUOT The domain quot[.]pw billion last year.

Scams

Scams DDOS Cryptocurrency Accountability

Ransomware Prevention Guide for Enterprise

Spinone

OCTOBER 13, 2020

Ransom payments are generally demanded in the form of untraceable cryptocurrency such as Bitcoin. This includes the Billtrust and German manufacturer, Pilz, ransomware infections. It has been noted that paying a ransom demand only encourages this type of cybercrime and funds it. Ransoms demanded average $110,000 USD (50 BTC).

Ransomware

Ransomware Backups Data breaches Encryption

CLOP Ransomware gang arrested in Ukraine

CyberSecurity Insiders

JUNE 16, 2021

CLOP is suspected to be behind many high-profile cyber-attacks including that on Accellion’s FTA software that allowed hackers to access classical information from multinational companies such as aircraft manufacturer Bombardier. . The post CLOP Ransomware gang arrested in Ukraine appeared first on Cybersecurity Insiders.

Ransomware

Ransomware Cybercrime Manufacturing Threat Detection

APT trends report Q1 2022

SecureList

APRIL 27, 2022

Another victim in which the same chain was exhibited is a computer game manufacturer in Cambodia, where the attack could have been used for a different purpose, possibly to infiltrate the company’s supply chain. We recently discovered a Trojanized DeFi application, compiled in November 2021.

Malware

Malware Firmware Government Phishing

Fake Lawsuit Threat Exposes Privnote Phishing Sites

New RedLine malware version distributed as fake Omicron stat counter

Webinars

Trending Sources

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Webinars

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Who’s Behind the GandCrab Ransomware?

Is the Value of Bitcoin Tied to Ransomware Rates?

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

North Korea dedicates a hacking group to fund cyber crime

French authorities arrested a Russian national for his role in the Hive ransomware operation

HIVE Ransomware Shut Down by International Law Enforcement

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Acer Hit with Highest Ransomware Demand Ever

How Secure Are Bitcoin Wallets, Really?

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

DDoS attacks in Q4 2020

KmsdBot, a new evasive bot for cryptomining activity and DDoS attacks

Grandoreiro banking malware targets Mexico and Spain

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs newsletter Round 236

Ransomware world in 2021: who, how and why

Updated Kmsdx botnet targets IoT devices

Xenomorph malware is back after months of hiatus and expands the list of targets

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

A massive phishing campaign using QR codes targets the energy sector

Cybersecurity Landscape

The Analyst Prompt #20: Attack Against Tata Power Highlights Cyber Risk to India’s Growing and Increasingly Connected Population?

3CX Hit with Massive Supply Chain Attack

Top Cyber Attacker Techniques, August–October 2024

Advanced threat predictions for 2025

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Top Cyber Attacker Techniques, August–October 2024

Interview With a Crypto Scam Investment Spammer

Ransomware Prevention Guide for Enterprise

CLOP Ransomware gang arrested in Ukraine

APT trends report Q1 2022

Stay Connected