Security Affairs

FEBRUARY 6, 2024

A Belarusian and Cypriot national linked with the cryptocurrency exchange BTC-e is facing charges that can lead maximum penalty of 25 years in prison. BTC-e was popular in the cybercrime ecosystem, it was an illegal platform because it was not registered as a money services business with the U.S. million withdrawn.

Cryptocurrency 130

Cryptocurrency Spyware Cybercrime Hacking 130

Security Affairs

JANUARY 19, 2025

CISA adds Fortinet FortiOS flaw to its Known Exploited Vulnerabilities catalog Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket CVE-2024-44243 macOS flaw allows persistent malware installation FBI deleted China-linked PlugX malware from over 4,200 US computers Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware (..)

Spyware 70

Spyware Data breaches DNS Artificial Intelligence 70

Security Affairs

JULY 30, 2018

A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18. Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web.

Spyware 70

Spyware Cryptocurrency Passwords Malware 70

Security Affairs

FEBRUARY 23, 2025

from Bybit, it is the largest cryptocurrency heist ever Apple removes iCloud encryption in UK following backdoor demand B1acks Stash released 1 Million credit cards U.S. Every week the best security articles from Security Affairs are free in your email box. Lazarus APT stole $1.5B

Malware 67

Malware Scams Encryption Phishing 67

Security Affairs

MAY 17, 2022

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices.

Spyware 98

Spyware Cryptocurrency VPN Malware 98

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 61

Data breaches Malware Phishing Hacking 61

SecureWorld News

JULY 11, 2022

Axie Infinity, a video game that utilizes NFTs and Ethereum-based cryptocurrencies, lost $540 million in March of this year after a senior engineer was tricked into opening a PDF of a fake job application, according to a story from The Block. So, what exactly happened with Axie Infinity?

Social Engineering 98

Social Engineering Hacking Cryptocurrency Cybercrime 98

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

SecureList

FEBRUARY 5, 2025

This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace. That being said, we have insufficient data to attribute the campaign to a known cybercrime gang. For instance, ComeCome for iOS was infected in the same way as its Android version.

Malware 144

Malware Encryption Mobile Cryptocurrency 144

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 126

Ransomware Hacking Spyware Cybercrime 126

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. Other malware.

Phishing 133

Phishing Spyware Firmware Malware 133

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

Malwarebytes

MAY 16, 2022

Almost all forms of business suffered—even illegal ones like cybercrime. Cryptocurrency values soared in 2021 and, to nobody’s surprise, detections of malware that mines cryptocurrencies increased more than 300 precent.

Malware 100

Malware Adware Cryptocurrency Cybercrime 100

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware 108

Spyware Surveillance Insurance Malware 108

SecureList

NOVEMBER 22, 2022

Cryptocurrency targeted attacks. The cryptocurrency business continues to grow, and people continue to invest their money in this market because it’s a digital asset and all transactions occur online. These are attractive aspects that cybercrime groups will be unable to resist. It also offers anonymity to users.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

Security Affairs

SEPTEMBER 23, 2018

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms. NSO mobile Pegasus Spyware used in operations in 45 countries. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer. Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange.

Computers and Electronics 77

Computers and Electronics Cryptocurrency Data breaches Advertising 77

Webroot

OCTOBER 4, 2024

Spyware : Secretly monitors your online behavior and shares your personal information. Cryptojacking : Hides on your device and steals its computing resources to mine cryptocurrencies like Bitcoin. So how do we protect ourselves from this type of cybercrime?

Malware 106

Malware Backups Adware Ransomware 106

Security Affairs

OCTOBER 2, 2018

The Gazorp builder allows generating for free the malicious code to steal passwords, payment information, cryptocurrency wallet data and more. Security researchers from Checkpoint have discovered in the Dark Web an online builder, dubbed Gazorp, that allows crooks to easily create customized binaries for the Azorult info-stealing malware.

Malware 108

Malware Advertising Spyware Passwords 108

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ” Presentation – [PDF].

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

Security Affairs

JANUARY 23, 2022

Pay attention to Log4j attacks, Dutch National Cybersecurity Centre (NCSC) warns Vulnerabilities in Control Web Panel potentially expose Linux Servers to hack US Treasury Department sanctions 4 Ukrainian officials for working with Russian intelligence A bug in McAfee Agent allows running code with Windows SYSTEM privileges Experts warn of anomalous (..)

VPN 111

VPN Ransomware Spyware Hacking 111

Webroot

MAY 12, 2021

Since cryptocurrencies were, are and will continue to be impactful technologies, surely NFTs are a topic worth exploring. NFTs use the same blockchain ledger technology to verify uniqueness that cryptocurrencies rely on to prove ownership. NFT theft and a new brand of cybercrime. “What Bitcoin was to 2011, NFTs are to 2021.”.

Cryptocurrency 101

Cryptocurrency Marketing Phishing Authentication 101

Security Affairs

NOVEMBER 10, 2020

The Brazilian cybercrime underground is recognized as the most focuses on the development and commercialization of banking trojans. Ghimob was designed to target financial apps from banks, fintech companies, exchanges, and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola, and Mozambique.

Banking 110

Banking Mobile Malware Spyware 110

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Data breaches 98

Data breaches Ransomware Spyware Hacking 98

Security Affairs

FEBRUARY 13, 2022

US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps.

Ransomware 98

Ransomware Spyware Surveillance Hacking 98

Security Affairs

NOVEMBER 17, 2019

TA505 Cybercrime targets system integrator companies. Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure.

DDOS 67

DDOS Spyware Advertising Ransomware 67

Security Affairs

APRIL 5, 2019

The malware has evolved over time and has added functionality, in fact, apart from collecting banking credentials it is also able to collect keystrokes, cryptocurrencies, screenshots, webmail, integrating spyware features together with banking Trojans features. SecurityAffairs – Ursnif Trojan, cybercrime). Pierluigi Paganini.

Banking 108

Banking Malware Cryptocurrency Advertising 108

SecureWorld News

AUGUST 8, 2022

Cybercriminals often use malware to gain access to a computer or mobile device to deploy viruses, worms, Trojans, ransomware, spyware, and rootkits. It has been sold on underground hacker forums for stealing browser data, user credentials, and cryptocurrency information. AZORult's developers are constantly updating its capabilities.

Malware 98

Malware Banking Penetration Testing Healthcare 98

Security Affairs

SEPTEMBER 2, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking 51

Banking Spyware Data breaches Advertising 51

Security Affairs

MAY 8, 2020

H2 2019 has proved the tendency of past several years: mail remains the main method of delivering ransomware, spyware, backdoors and other malware, being used by cyber crooks in 94 percent of cases. They, in turn, let spyware and backdoors move ahead and become the second most popular malware with a 35-percent share. Balance of power.

Phishing 78

Phishing Spyware Banking Malware 78

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware 55

Spyware Data breaches Ransomware Hacking 55

Security Affairs

AUGUST 4, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency 49

Cryptocurrency Data breaches Spyware Advertising 49

SecureList

AUGUST 30, 2023

While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus. The threat actor specifically targeted cryptocurrency companies. We observed that they have a specific interest in cryptocurrency companies.

Malware 98

Malware Spyware Government Cryptocurrency 98

SecureList

FEBRUARY 5, 2025

This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace. That being said, we have insufficient data to attribute the campaign to a known cybercrime gang. For instance, ComeCome for iOS was infected in the same way as its Android version.

Malware 136

Malware Encryption Mobile Cryptocurrency 136

Security Affairs

MARCH 19, 2019

We expect that that other APTs like Silence , MoneyTaker , and Cobalt will stage multiple attacks on cryptocurrency exchanges in the near future,” – says Dmitry Volkov. Cybercriminals steal user accounts’ data using special spyware aimed at obtaining users’ authentication data. Have you been pwned?

Banking 107

Banking Government Passwords Marketing 107

Security Affairs

MARCH 27, 2023

Lower.exe, a sample of “GCleaner” spyware, historically, this piece of malware was initially faking CCleaner to drop additional malware ( link ). Brg.exe, a common RacconStealer with its command and control server hosted by VDSina, a Russian cloud provider. The module also exfiltrates 2FA secrets from Twilio’s Authy local storage.

Malware 98

Malware Social Engineering Encryption Marketing 98

SecureList

NOVEMBER 14, 2023

This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. This attack was highly targeted and showed particular interest in cryptocurrency companies, which may indicate that the ultimate goal of the attackers was financial gain.

Hacking 141

Hacking Energy and Utilities Media Malware 141