Krebs on Security

AUGUST 25, 2021

After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for using a clever piece of digital clipboard-stealing malware that let them siphon his crypto holdings. universities). When Schober went to move approximately 16.4

Cryptocurrency 349

Cryptocurrency Malware Mobile Accountability 349

The Hacker News

NOVEMBER 17, 2023

An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain.

Cryptocurrency 144

Cryptocurrency Malware 144

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 143

Cryptocurrency Firmware Malware Threat Detection 143

Malwarebytes

SEPTEMBER 27, 2023

Cryptocurrency owners should take heed of warnings related to Xenomorph malware—Bleeping Computer reports that the most recent version of Xenomorph now targets various cryptocurrency wallets using fake browser update messaging as bait. Keep threats off your Android devices by downloading Malwarebytes for Android today.

Cryptocurrency 134

Cryptocurrency Malware Scams Banking 134

The Hacker News

FEBRUARY 23, 2023

Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. This malware makes use of the Invisible Internet Project (i2p) [.] to download

Cryptocurrency 113

Cryptocurrency Malware Internet Internet 113

The Hacker News

DECEMBER 27, 2021

Peter Parker might not be a mastermind cryptocurrency criminal, but the name Spiderman is quickly becoming more associated with the mining landscape. As perhaps the most talked-about movie for

Malware 130

Malware Cryptocurrency Hacking Software 130

Security Affairs

JULY 22, 2024

The JavaScript downloader SocGholish (aka FakeUpdates) is being used to deliver the AsyncRAT and the legitimate open-source project BOINC. SocGholish attack chain involves a malicious JavaScript file that downloads further stages. top, with BOINC accessed directly by IP. ” reads the report published by Huntress.

Malware 143

Malware Cryptocurrency Hacking Software 143

Security Affairs

NOVEMBER 1, 2021

Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 The following graph shows that the cryptocurrency peaked at a price of $2,861 before dropping to $0 around. ” reported GixModo.

Cryptocurrency 143

Cryptocurrency Scams Cybercrime Advertising 143

The Hacker News

MAY 10, 2024

The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at South Korean cryptocurrency firms.

Malware 143

Malware Cryptocurrency Cyber Attacks 143

Security Affairs

SEPTEMBER 22, 2022

The gap is being abused for malicious cryptocurrency mining.” ” In one of the attacks spotted by the experts, threat actors exploited the flaw to inject an OGNL expression and download and run a shell script (“ro.sh”) on the victim’s machine. .” in the collaboration tool Atlassian Confluence.

Cryptocurrency 141

Cryptocurrency Firewall Malware Hacking 141

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising 142

Advertising Cybercrime Malware Cryptocurrency 142

Security Affairs

FEBRUARY 13, 2023

Alleged Russian threat actors have been targeting cryptocurrency users in Eastern Europe with Enigma info-stealing malware. A malware campaign conducted by alleged Russian threat actors has been targeting users in Eastern European in the crypto industry. The files pose an interview for a fake cryptocurrency role or job opening.

Cryptocurrency 98

Cryptocurrency Malware Media Phishing 98

CyberSecurity Insiders

NOVEMBER 26, 2021

Google, the business subsidiary of tech giant Alphabet Inc, has released a report saying that the compromised cloud accounts were leading hackers to mine cryptocurrency that could prove as a double threat to customers. The post Compromised cloud accounts leading to Cryptocurrency mining appeared first on Cybersecurity Insiders.

Cryptocurrency 131

Cryptocurrency Accountability Passwords Software 131

SecureList

JUNE 12, 2023

Introduction Stealing cryptocurrencies is nothing new. Since then, stealing cryptocurrencies has continued to occupy cybercriminals. One of the latest additions to this phenomenon is the multi-stage DoubleFinger loader delivering a cryptocurrency stealer. For example, the Mt. recovery phrases). recovery phrases).

Cryptocurrency 123

Cryptocurrency Encryption Malware Ransomware 123

Security Affairs

DECEMBER 4, 2022

The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. ” reads the report published by Volexity.

Cryptocurrency 102

Cryptocurrency Malware Hacking Information Security 102

Security Affairs

OCTOBER 23, 2021

CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js. Pierluigi Paganini.

Malware 145

Malware Cryptocurrency Accountability Software 145

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Image: Mandiant.

Malware 322

Malware Software Technology Accountability 322

SecureList

JANUARY 13, 2022

The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. Malware infection.

Cryptocurrency 143

Cryptocurrency Malware Accountability Banking 143

Dark Reading

JUNE 2, 2022

The malware targets Windows users via Trojanized downloads of cracked or pirated software and then starts in on cryptocurrency mining and clipboard hijacking.

Malware 130

Malware Cryptocurrency Software 130

Security Affairs

NOVEMBER 5, 2023

North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware in attacks against blockchain engineers, reported Elastic Security Labs. Stage 1 (Dropper) – testSpeed.py ” concludes the report.

Engineering 136

Engineering Malware Cryptocurrency Encryption 136

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. ” concludes the report.

Malware 144

Malware Cryptocurrency Encryption Hacking 144

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware 142

Malware Advertising Cryptocurrency Cybercrime 142

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware 145

Malware Advertising Cryptocurrency Accountability 145

Security Affairs

APRIL 3, 2021

Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. Miner itself is downloaded from gitlab. The post Attackers are abusing GitHub infrastructure to mine cryptocurrency appeared first on Security Affairs. Pierluigi Paganini.

Cryptocurrency 144

Cryptocurrency Accountability Software Engineering 144

Security Affairs

SEPTEMBER 7, 2022

A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices. Researchers from AT&T Alien Labs discovered a new piece of stealthy Linux malware, dubbed Shikitega, that targets endpoints and IoT devices. ” reads the analysis published by AT&T Alien Labs.

Malware 142

Malware IoT Cryptocurrency Engineering 142

Hot for Security

JUNE 17, 2021

At the time we warned users of the hardware cryptocurrency wallet to watch out for phishing scams that might attempt to steal users’ credentials. It does not contain any application to download and install on your computer. The only way to download the Ledger Live app is by using the official download page.

Cryptocurrency 145

Cryptocurrency Data breaches Scams Phishing 145

Malwarebytes

DECEMBER 5, 2022

Now, researchers at Volexity have analyzed a new campaign that is likely targeting cryptocurrency users and organizations with a variant of the AppleJeus malware by using malicious Microsoft Office documents. One of the group's preferred tactics is to use trojanized cryptocurrency related apps, like AppleJeus. Lazarus Group.

Cryptocurrency 97

Cryptocurrency Malware Scams Cybercrime 97

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware 145

Malware Cryptocurrency Encryption Passwords 145

Security Affairs

AUGUST 30, 2022

Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners. The downloaded PowerShell code also downloads and runs auxiliary modules and payloads.” SecurityAffairs – hacking, malware). “The next stage is the PowerShell loader.

Malware 144

Malware Cryptocurrency Hacking Technology 144

SecureList

JUNE 5, 2023

Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom.

Cryptocurrency 117

Cryptocurrency DNS Malware Encryption 117

Security Affairs

NOVEMBER 7, 2024

SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as “Hidden Risk.”

Malware 131

Malware Architecture Risk Cryptocurrency 131

Malwarebytes

MARCH 5, 2024

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. This mass adoption was good for Microsoft and its revenue, but it also drew and maintained the interests of cybercriminals, who would develop malware that could impact the highest number of victims. There pretty much always has been.

Malware 144

Malware Adware Ransomware Social Engineering 144

Security Affairs

APRIL 18, 2021

Threat actors targeted are exploiting the ProxyLogon vulnerabilities in Microsoft Exchange servers to deploy Monero cryptocurrency miners. “The.zip file is not a compressed archive, but a batch script that then invokes the built-into-Windows certutil.exe program to download two additional files, win_s.zip and win_d.zip.”

Cryptocurrency 130

Cryptocurrency Passwords Hacking Information Security 130

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 138

Antivirus Malware DNS Cryptocurrency 138

Security Affairs

OCTOBER 4, 2024

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. ” reads the report.

Malware 140

Malware Cryptocurrency Encryption Software 140

Security Affairs

APRIL 19, 2021

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips.

Malware 142

Malware Cryptocurrency Architecture Engineering 142

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware 144

Malware Antivirus Phishing Cryptocurrency 144