Trend Micro

APRIL 23, 2023

We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious.

Encryption 101

Encryption Cryptocurrency Cyber threats Malware 101

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. The archive contained an executable named feedbackAPI.exe.

Malware 143

Malware Cryptocurrency Encryption Hacking 143

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. The attack starts with a shell script that downloads binaries for various architectures (ARM, MIPS, X86), extracts a command-and-control (C2) server from an encrypted configuration, and connects to it.

Malware 136

Malware Telecommunications Encryption DDOS 136

Security Affairs

APRIL 29, 2023

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. c2 arrowlchat[.]com c2 arrowlchat[.]com

Encryption 98

Encryption Malware Cryptocurrency Software 98

Security Affairs

NOVEMBER 5, 2023

North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware in attacks against blockchain engineers, reported Elastic Security Labs. Stage 1 (Dropper) – testSpeed.py

Engineering 131

Engineering Malware Cryptocurrency Encryption 131

The Last Watchdog

SEPTEMBER 6, 2023

Over time, Bitcoin has become the most widely used cryptocurrency in the world. Backups should be kept safely in several places, such as encrypted cloud storage or external hard drives. A virtual private network (VPN) can offer an additional layer of encryption and security. Secure your network, device. Ashford Be wary of fraud.

Cryptocurrency 100

Cryptocurrency Backups Passwords Software 100

Webroot

OCTOBER 31, 2024

In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. Now let’s take a look at this year’s Nastiest Malware. It is the most successful and lucrative avenue for monetizing a breach of a victim.

Malware 83

Malware Ransomware Passwords Healthcare 83

SecureWorld News

APRIL 21, 2022

Treasury Department warning of a North Korean state-sponsored advanced persistent threat (APT) known as the Lazarus Group targeting cryptocurrency and blockchain companies. The threat actors use social engineering to encourage individuals to download trojanized cryptocurrency applications on Windows or macOS operating systems.

Cryptocurrency 80

Cryptocurrency Computers and Electronics Social Engineering System Administration 80

SecureList

JUNE 5, 2023

Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom.

Cryptocurrency 90

Cryptocurrency DNS Malware Encryption 90

SecureList

JANUARY 13, 2022

The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. Malware infection.

Cryptocurrency 134

Cryptocurrency Malware Accountability Banking 134

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 133

Antivirus Malware DNS Cryptocurrency 133

SecureList

NOVEMBER 6, 2024

It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device. Technical Details Background In August 2024, we stumbled upon a massive infection caused by an unknown bundle consisting of miner and stealer malware. SteelFox.gen , Trojan.Win64.SteelFox.*. SteelFox.*.

Software 85

Software Cryptocurrency Malware DNS 85

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Taylor Monahan is founder and CEO of MetaMask , a popular software cryptocurrency wallet used to interact with the Ethereum blockchain.

Cryptocurrency 359

Cryptocurrency Passwords Encryption Accountability 359

Security Affairs

AUGUST 10, 2023

Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, cookies, web data, and preferences. ” concludes the report.

Malware 98

Malware Encryption Advertising Cryptocurrency 98

Malwarebytes

FEBRUARY 17, 2023

The tag-team campaign serves up ransomware known as Mortal Kombat, which borrows the name made famous by the video game, and Laplas Clipper malware, a clipboard stealer. The email is cryptocurrency themed, and claims that a payment of yours has “timed out” and will need resending.

Ransomware 76

Ransomware Malware Cryptocurrency Encryption 76

Security Affairs

AUGUST 3, 2020

million worth of cryptocurrency from cryptocurrency investment accounts. . Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. worth of cryptocurrency from 2gether appeared first on Security Affairs. Pierluigi Paganini.

Cryptocurrency 144

Cryptocurrency Accountability Hacking Advertising 144

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

Security Affairs

JANUARY 12, 2022

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. Upon executing the Omicron Stats.exe, it unpacks resources encrypted with triple DES using ciphermode ECB and padding mode PKCS7.

Malware 145

Malware Manufacturing Cryptocurrency Cybercrime 145

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The second-stage malware extracts and executes the third-stage binary.

Malware 104

Malware Cryptocurrency Architecture Advertising 104

SecureList

MARCH 31, 2022

For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed. Backdoor creation.

Malware 125

Malware Encryption Cryptocurrency Architecture 125

Security Affairs

AUGUST 19, 2020

According to the Guardicore Labs researchers, the malware already infected over 500 servers in the U.S. ” The botnet’s P2P communication is encrypted using AES for symmetric encryption and the Diffie-Hellman protocol for key exchange. and Europe belonging to universities and a railway company.

Cryptocurrency 145

Cryptocurrency Malware Advertising Encryption 145

Security Affairs

JANUARY 9, 2020

In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges.

Cryptocurrency 93

Cryptocurrency Malware Advertising Encryption 93

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. The hackers used fake collaboration opportunities (i.e. Pierluigi Paganini.

Accountability 145

Accountability Malware Phishing Social Engineering 145

Security Affairs

APRIL 19, 2021

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips.

Malware 139

Malware Cryptocurrency Architecture Engineering 139

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. The infection chain.

Malware 112

Malware Computers and Electronics Encryption Ransomware 112

Malwarebytes

DECEMBER 13, 2023

While Zoom is used by millions of people around the world, these campaigns are likely targeting victims who are into cryptocurrencies as well as corporate users, in order to gain access to company networks. Its goal is to drop additional malware, typically a stealer followed by data exfiltration. me ntcrgfmmc3[.]onelink[.]me

Cryptocurrency 67

Cryptocurrency Advertising Malware Accountability 67

CyberSecurity Insiders

NOVEMBER 20, 2022

Thousands of financial transactions related to demat accounts were halted on Friday November 18th,2022 as the servers at the Central Depository Services (India) Limited went through a cyber attack of the malware genre. The post Malware attack on India CDSL halts financial transactions on Friday appeared first on Cybersecurity Insiders.

Malware 102

Malware Banking Cryptocurrency Cyber Attacks 102

eSecurity Planet

JANUARY 26, 2023

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware.

Malware 122

Malware Ransomware Software Cryptocurrency 122

Security Affairs

FEBRUARY 5, 2021

The TeamTNT hacker group has been employing a new piece of malware, dubbed Hildegard, to target Kubernetes installs. The hacking group TeamTNT has been employing a new piece of malware, dubbed Hildegard, in a series of attacks targeting Kubernetes systems. The malware deploys the XMRig mining tool to mine Monero cryptocurrency.

Malware 121

Malware DNS Cryptocurrency Internet 121

SecureList

OCTOBER 4, 2024

While trying to deliver malware on victims’ devices and stay on them as long as they can, sometimes attackers are using quite unusual techniques. Malware was also distributed through Telegram channels targeted at crypto investors and in descriptions and comments on YouTube videos about cryptocurrency, cheats and gambling.

Scams 130

Scams Cryptocurrency Malware Software 130

NopSec

MARCH 29, 2023

Another day goes by, another latest and greatest security breach affects the cryptocurrency world. The attacks range from phishing campaigns scamming prominent crypto personalities of their NFT (Non-fungible tokens) stashes to attackers exploiting crypto protocols and encryption algorithms to extract tokens out of various crypto ecosystems.

Cryptocurrency 52

Cryptocurrency Accountability Malware Architecture 52

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. Experts observed the ransomware also installing the dreaded Azorult password-stealing Trojan on victim’s machine to steal account credentials, cryptocurrency wallets, documents and more.

Encryption 109

Encryption Ransomware Cryptocurrency Passwords 109

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 87

Malware Banking Healthcare Penetration Testing 87

Malwarebytes

SEPTEMBER 6, 2023

If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. However, while it encrypted file(name)s and asked for a ransom, it was far from effective. But where did it start?

Ransomware 111

Ransomware Encryption Cryptocurrency Government 111

Naked Security

OCTOBER 21, 2021

And sign up for our forthcoming Live Malware Demo at the same time.). Latest episode - listen now!

Malware 110

Malware Encryption Scams Cryptocurrency 110

Hot for Security

JUNE 2, 2021

In the early days of ransomware things were fairly simple: malware would infect your company’s infrastructure, encrypting your valuable data with a secret key that was only known to your attackers. If you had shown the foresight of making secure backups in advance, you could get back up and running again.

Encryption 138

Encryption Ransomware Backups Hacking 138

Security Affairs

SEPTEMBER 19, 2022

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and targets Docker installs. In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware. “Breaking the cryptographic encryption is considered “Mission: Impossible”.

Encryption 98

Encryption Cybercrime Hacking Malware 98