SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

SecureWorld News

FEBRUARY 18, 2021

And the targets in this case are widespread: banks, ATMs, cryptocurrency exchanges, online casinos, movie studios such as Sony Pictures, and theater chains such as AMC. In court documents unsealed this week, the United States Department of Justice revealed its hand to show new evidence. The list goes on. global targets.

Hacking 109

Hacking Cryptocurrency Computers and Electronics Banking 109

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. The phishing messages tell the victims that one of their colleagues, friends, or family members has tested positive for the virus, then it urges them to print the attached “EmergencyContact.

Phishing 145

Phishing Advertising Cryptocurrency Malware 145

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 78

Malware Cryptocurrency Engineering Encryption 78

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Amazon Online Shopping was mimicked by 33.19% of all phishing and scam pages targeting online store users in 2024. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7

Phishing 82

Phishing Banking Scams Mobile 82

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Subject lines included “your document” and “photo of you???”. Phishing Reporting : Report phishing emails and other malicious cyber activities to relevant authorities like the FBI’s IC3 and the NJCCIC.

Phishing 131

Phishing Ransomware Security Awareness Authentication 131

Krebs on Security

JULY 15, 2024

The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network , Compound Finance , Pendle Finance , and Unstoppable Domains.

Accountability 328

Accountability Cryptocurrency Passwords DNS 328

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 124

Phishing Advertising Cryptocurrency Encryption 124

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials.

Social Engineering 356

Social Engineering Mobile Passwords Cybercrime 356

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” A phishing message targeting FTX users that went out en masse today.

Mobile 238

Mobile Cyber Risk Data breaches Cryptocurrency 238

Threatpost

AUGUST 25, 2020

The North Korean-linked APT's latest campaign shows that it is shifting focus to target the cryptocurrency and financial verticals.

Cryptocurrency 115

Cryptocurrency Phishing Hacking 115

The Hacker News

NOVEMBER 8, 2022

Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts as a conduit for other commodity trojans like SystemBC and Raccoon Stealer 2.0,

Cryptocurrency 88

Cryptocurrency Malware Phishing 88

Malwarebytes

JULY 19, 2022

A new phishing campaign targeting PayPal users aims to get extensive data from potential victims. The data it’s after includes government documents like passport, as well as selfie photos. PayPal phishing sites are a dime a dozen due to the number of people and companies using it as another form of payment method.

Phishing 118

Phishing Social Engineering Accountability Engineering 118

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. The history of scams and phishing. The term “phishing” was coined back in 1996, when cybercriminals attacked users of America Online (AOL), the largest internet provider at that time. Phishing site with chat support.

Scams 133

Scams Phishing Social Engineering Banking 133

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. Image: FBI.

Antivirus 363

Antivirus Hacking Software Government 363

Krebs on Security

AUGUST 7, 2018

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. A WORRIED MOM.

Mobile 246

Mobile Cryptocurrency Computers and Electronics Scams 246

Security Affairs

NOVEMBER 18, 2020

The kill chain starts with phishing messages that use a.docx file that once is opened triggers a template injection attack. bin, researchers also observed the use of a cryptocurrency mining module. . The post Phishing campaign targets LATAM e-commerce users with Chaes Malware appeared first on Security Affairs.

Phishing 132

Phishing Malware Cryptocurrency Information Security 132

Malwarebytes

DECEMBER 5, 2022

In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. One of the group's preferred tactics is to use trojanized cryptocurrency related apps, like AppleJeus. Lazarus Group.

Cryptocurrency 96

Cryptocurrency Malware Scams Cybercrime 96

Security Affairs

FEBRUARY 13, 2023

Alleged Russian threat actors have been targeting cryptocurrency users in Eastern Europe with Enigma info-stealing malware. The attack chain starts with phishing emails or social media messages distributing a RAR archive. The files pose an interview for a fake cryptocurrency role or job opening. The second server (193[.]56[.]146[.]29)

Cryptocurrency 98

Cryptocurrency Malware Media Phishing 98

SecureList

FEBRUARY 21, 2025

Technical details Initial attack vector The initial attack vector used by Angry Likho consists of standardized spear-phishing emails with various attachments. Contents of spear-phishing email inviting the victim to join a videoconference The archive includes two malicious LNK files and a legitimate bait file.

Phishing 90

Phishing Encryption Banking Malware 90

Security Affairs

MAY 28, 2023

Bandit Stealer is a new stealthy information stealer malware that targets numerous web browsers and cryptocurrency wallets. Trend Micro researchers discovered a new info-stealing malware, dubbed Bandit Stealer, which is written in the Go language and targets multiple browsers and cryptocurrency wallets.

Cryptocurrency 98

Cryptocurrency Malware Advertising Phishing 98

The Last Watchdog

SEPTEMBER 28, 2022

Phishing attacks are nothing new, but scammers are getting savvier with their tactics. Other Iranian-based cyberattacks have included hackers targeting Albanian government systems and spear phishing scams. Here are four new phishing trends keeping businesses on their toes. Spear phishing. Phishing via texting.

Phishing 124

Phishing Scams Cybercrime Passwords 124

Krebs on Security

APRIL 6, 2022

“They would just keep jamming a few individuals to get [remote] access, read some onboarding documents, enroll a new 2FA [two-factor authentication method] and exfiltrate code or secrets, like a smash-and-grab,” the CXO said. “Someone was trying to phish employee credentials, and they were good at it,” Wired reported.

Social Engineering 288

Social Engineering Phishing Engineering Accountability 288

Security Affairs

AUGUST 19, 2019

Phishing is one of the oldest methods of cyberattacks. Types of Phishing Attacks. There are different types of phishing attacks and each is deceiving and manipulative in its own unique way. The most common type is phishing is carried out through fraudulent email receptionist. Another targeted phishing practice is Whaling.

Phishing 111

Phishing Accountability Authentication Passwords 111

SecureList

SEPTEMBER 8, 2022

Southern Europe leads the ranking of regions by percentage of ICS computers on which malicious email attachments and phishing links were blocked. Regions ranked by percentage of ICS computers on which malicious email attachments and phishing links were blocked, H1 2022. Malicious documents. Industry specifics. of ICS computers.

Spyware 125

Spyware Cryptocurrency Ransomware Phishing 125

Krebs on Security

DECEMBER 27, 2019

20 warned against the dangers of phishing-based cyberattacks, less than three days prior to their (apparently phishing-based) Sodinokibi ransomware infestation. The company has nearly a thousand employees and brought in more than $100 million in revenue in the past year, according to their Web site.

Ransomware 228

Ransomware Media Financial Services Retail 228

Krebs on Security

MARCH 26, 2024

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. Parth Patel is an entrepreneur who is trying to build a startup in the cryptocurrency space. Some of the many notifications Patel says he received from Apple all at once.

Passwords 357

Passwords Accountability Engineering Phishing 357

SecureList

AUGUST 10, 2022

In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns ( PowerPepper was later documented in 2020). We discovered it in Q2 2020 as part of an update of the Evilnum modus operandi, and attributed it to DeathStalker.

Cryptocurrency 117

Cryptocurrency Encryption Social Engineering Passwords 117

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile 269

Mobile Cryptocurrency Accountability Passwords 269

Krebs on Security

AUGUST 29, 2023

QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders. Documents published by the DOJ in support of today’s takedown state that beginning on Aug. ” The DOJ said it also recovered more than 6.5

Hacking 307

Hacking Malware Ransomware Government 307

SecureList

FEBRUARY 23, 2022

We look at phishing threats commonly encountered by users and companies as well as the prevalence of various Windows and Android-based financial malware. Phishing: In 2021, 8.2% of users were hit by phishing. E-commerce-related phishing continued to exceed banking-related phishing, as it did in 2020, making up 17.6%

Banking 140

Banking Phishing Cryptocurrency Malware 140

Security Affairs

FEBRUARY 22, 2021

APOMacroSploit is a macro builder that was to create weaponized Excel documents used in multiple phishing attacks. Excel documents created with the APOMacroSploit builder are capable of bypassing antivirus software, Windows Antimalware Scan Interface (AMSI), and even Gmail and other email-based phishing detection.

Malware 143

Malware Antivirus Phishing Cryptocurrency 143

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 60

Data breaches Malware Phishing Hacking 60

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019.

Accountability 144

Accountability Malware Phishing Social Engineering 144

Security Affairs

JUNE 18, 2022

Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. ” reads the advisory published by F5 Labs.

Banking 144

Banking Cryptocurrency Malware Mobile 144

SecureList

NOVEMBER 29, 2024

The campaign, which we dubbed EastWind , used phishing emails with malicious shortcuts attached to deliver malware to target computers. The attack starts with phishing emails purporting to be a court order or summons from an institution in Colombia’s judicial system.

Energy and Utilities 105

Energy and Utilities Ransomware Malware Government 105

Security Affairs

OCTOBER 18, 2018

Group-IB, an international company that specializes in preventing cyber attacks, has estimated that cryptocurrency exchanges suffered a total loss of $882 million due to targeted attacks in 2017 and in the first three quarters of 2018. Spear phishing remains the major vector of attack on corporate networks.

Cyber Attacks 110

Cyber Attacks Cryptocurrency Phishing Social Engineering 110