eSecurity Planet

JULY 28, 2021

Since blockchain’s arrival, cryptocurrency has framed the technology as permissionless, or a public blockchain. DDoS: Overwhelming the Network. In the age-old denial of service (DDoS) attack, a fleet of attacker devices can overwhelm an organization’s web server, thus blocking access to legitimate users.

Cybersecurity 136

Cybersecurity Cryptocurrency Technology Energy and Utilities 136

Security Affairs

MAY 8, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

IoT 98

IoT DNS Antivirus Malware 98

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency.

Phishing 141

Phishing Spyware Firmware Malware 141

Security Affairs

AUGUST 8, 2018

DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns). Malware actor publishes the address of the Bot-A in DNS (or using any other public channel). Another malware Bot-B resolves the address of Bot-A using DNS (or using any other public channel). Server-X asks the bot to start the TCP server.

Malware 75

Malware DNS Encryption Banking 75

eSecurity Planet

FEBRUARY 16, 2021

Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. CISA reported that LokiBot “employs Trojan malware to steal sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials.” DDoS trojan. See DDoS for reference.

Malware 105

Malware Adware Spyware Antivirus 105

SecureList

APRIL 27, 2022

Subsequently, DDoS attacks hit several government websites. This application contains a legitimate program called DeFi Wallet, that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed. We recently discovered a Trojanized DeFi application, compiled in November 2021.

Malware 144

Malware Firmware Government Phishing 144

SecureList

FEBRUARY 10, 2022

Q4 2021 saw the appearance of several new DDoS botnets. In October, the botnet was upgraded with DDoS functionality. This is further evidence that the same botnets are often used for mining and DDoS. In some cases, DNS amplification was also used. The channel was created in June and went live in August 2021.

DDOS 139

DDOS Cryptocurrency Marketing Accountability 139

SecureList

JULY 28, 2021

For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord server, where they discussed DDoS attacks. The bug was named TsuNAME.

DDOS 145

DDOS DNS IoT Marketing 145

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. While the resource was down, cryptocurrency newbies were invited to download a copy of Bitcoin Core via a torrenting service.

DDOS 144

DDOS Cryptocurrency Marketing Internet 144

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. The ark-x2[.]org

Scams 204

Scams Cryptocurrency Media Hacking 204

Malwarebytes

APRIL 19, 2021

Source: TechRadar) Cryptocurrency rewards platform Celsius Network disclosed a security breach exposing customer information that led to a phishing attack. Other cybersecurity news: An update to the Covid-19 NHS track and trace mobile app was blocked over privacy and security concerns.

Artificial Intelligence 73

Artificial Intelligence Scams DDOS DNS 73

SecureList

NOVEMBER 18, 2022

Finally, it is worth mentioning the CVE-2022-34724 vulnerability, which affects Windows DNS Server and can lead to denial of service if exploited. In particular, researchers found Operation In(ter)ception , a campaign operated by North Korean Lazarus group, which targets macOS users looking for cryptocurrency jobs.

Mobile 127

Mobile Malware Ransomware IoT 127