Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. “Sorry, change password please.”

Cryptocurrency 133

Cryptocurrency Scams Accountability Hacking 133

Security Affairs

DECEMBER 13, 2023

Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. ” states Microsoft.

Cryptocurrency 133

Cryptocurrency Phishing Accountability VPN 133

Security Affairs

APRIL 18, 2021

Threat actors targeted are exploiting the ProxyLogon vulnerabilities in Microsoft Exchange servers to deploy Monero cryptocurrency miners. The miner’s pools.txt file is temporarily written to disk, its analysis allowed the researchers to determine the wallet address and its password, and the name DRUGS assigned to the pool of miners.

Cryptocurrency 122

Cryptocurrency Passwords Hacking Information Security 122

Security Affairs

JANUARY 10, 2025

The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. Researchers at Elastic Security Labs who first analyzed the malware confirmed it can steal keychain passwords and data from multiple browsers.

Malware 120

Malware Advertising Antivirus Cybercrime 120

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords 129

Passwords Software Firmware Malware 129

Security Affairs

NOVEMBER 3, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021. Pierluigi Paganini.

Cryptocurrency 116

Cryptocurrency Malware Advertising System Administration 116

Security Affairs

FEBRUARY 24, 2023

Trojanized versions of legitimate applications are being used to deploy XMRig cryptocurrency miner on macOS systems. Later first generation samples changed to a user Launch Agent, which would not require the conspicuous password prompt. ” reads the analysis published by the experts. ” concludes the report.

Cryptocurrency 98

Cryptocurrency Malware Software Passwords 98

Security Affairs

APRIL 30, 2023

Threat actors are gaining access to AT&T email accounts in an attempt to hack into the victim’s cryptocurrency exchange accounts. Hackers are breaking into the AT&T email accounts and then using the access they are logging into the victim’s cryptocurrency exchange accounts to drain their crypto funds, TechCrunch reported.

Cryptocurrency 98

Cryptocurrency Accountability Passwords Hacking 98

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . This is a real email!

Passwords 92

Passwords Cryptocurrency Data breaches Advertising 92

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. CVE-2019-11707 is a type confusion vulnerability in Array.pop. ” wrote Wardle.

Cryptocurrency 106

Cryptocurrency Malware Advertising Hacking 106

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. I have the wallet, @Google hook me up with a quantum computer please.

Cryptocurrency 145

Cryptocurrency Passwords Advertising Hacking 145

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency 74

Cryptocurrency Passwords Authentication Accountability 74

Security Affairs

JULY 3, 2023

The malware also targets crypto wallet extensions, password managers, and 2FA extensions. The malware also collects a variety of data, including system info, browser info, password manager info, miner related registry info, and installed games info. The malware admin declared that their operations do not involve any ransom activities.

Password Management 98

Password Management Passwords Malware Marketing 98

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management 144

Password Management Cryptocurrency Passwords Authentication 144

Security Affairs

MARCH 2, 2025

DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host Prospero Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware The GitVenom campaign: cryptocurrency theft using GitHub Silent Killers: (..)

Malware 63

Malware Architecture IoT Ransomware 63

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. Sorry, change password please.”

Accountability 136

Accountability Hacking Cryptocurrency Cybersecurity 136

Security Affairs

OCTOBER 2, 2021

According to a data breach notification letter filed with US state attorney general offices, the attackers with the knowledge of their username and password and phone number associated with the account, were able to steal funds bypassing the SMS-based authentication. SecurityAffairs – hacking, cryptocurrency). Pierluigi Paganini.

Cryptocurrency 141

Cryptocurrency Data breaches Authentication Accountability 141

Security Affairs

JANUARY 21, 2021

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. ” reads the security advisory published by the vendor.

Cryptocurrency 124

Cryptocurrency Firmware Malware Passwords 124

Security Affairs

AUGUST 23, 2024

The malicious code is written in GoLang, upon mounting the dmg it prompts users to enter their system and MetaMask passwords using the macOS osascript tool. Once the user inputs their credentials, the malware stores them in a directory and uses Chainbreak to dump Keychain passwords. ” reads the report published by Cado Security.

Malware 129

Malware Passwords Cryptocurrency Software 129

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware 111

Malware Cryptocurrency Passwords Internet 111

Security Affairs

MARCH 17, 2020

The website was distributing a file named WSHSetup.exe, it is the downloader for both the CoronaVirus Ransomware and the Kpot password-stealer. exe,’ which is the Kpot password-stealing Trojan. One of these files is, ‘file1.exe,’ The second file downloaded by the initial dropper is ‘file2.exe’,

Ransomware 139

Ransomware Advertising Cryptocurrency Passwords 139

Security Affairs

JULY 22, 2020

Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements. move laterally across systems while covertly mining for cryptocurrency. . This latest function is typically used to search for Bitcoin cryptocurrency wallets.

Cryptocurrency 121

Cryptocurrency Advertising Passwords Encryption 121

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Password and info stealers.

Cryptocurrency 109

Cryptocurrency Social Engineering Malware Cybercrime 109

Security Affairs

MARCH 15, 2024

“Buyers could search for compromised computer credentials on E-Root, such as usernames and passwords that would allow buyers to access remote computers for purposes of stealing private information or manipulating the contents of the remote computer. ” reads the press release published by DoJ.

Cybercrime 132

Cybercrime Cryptocurrency Advertising Passwords 132

Security Affairs

AUGUST 16, 2024

The malware authors claim it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. Researchers at Elastic Security Labs analyzed the malware and confirmed it can steal keychain passwords and data from multiple browsers.

Malware 129

Malware Cryptocurrency Advertising Architecture 129

Krebs on Security

APRIL 20, 2023

The decrypted icon files revealed the location of the malware’s control server, which was then queried for a third stage of the malware compromise — a password stealing program dubbed ICONICSTEALER. Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file.

Malware 321

Malware Software Technology Accountability 321

Security Affairs

SEPTEMBER 16, 2020

According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner. “Tencent Security Threat Intelligence Center detected a new type of mining Trojan family MrbMiner.

Malware 144

Malware Advertising Cryptocurrency Accountability 144

Security Affairs

DECEMBER 31, 2021

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. The data included usernames, email addresses and plain text passwords.”

Accountability 145

Accountability Malware Data breaches Passwords 145

Security Affairs

APRIL 4, 2022

During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. We also recommend two-factor authentication and other account security measures for our users as added measures to keep accounts and passwords secure.”

Phishing 138

Phishing Data breaches Cryptocurrency Social Engineering 138

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST.

DNS 145

DNS Internet Internet Malware 145

Security Affairs

MAY 21, 2021

CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. CyberNews researchers found that cybercriminals are able to abuse cryptocurrency exchange API keys and steal cryptocurrencies from their victims’ accounts without being granted withdrawal rights.

Cryptocurrency 107

Cryptocurrency Accountability Marketing Passwords 107

Security Affairs

APRIL 14, 2024

When informed that the target had significant cryptocurrency and project files, Chakhmakhchyan agreed to sell the Hive RAT. ” reported the DoJ. “ According to the indictment, Chakhmakhchyan engaged in electronic communication with buyers after advertising the Hive RAT. . ” continues DoJ.

Computers and Electronics 140

Computers and Electronics Advertising Cryptocurrency Malware 140

Security Affairs

JANUARY 25, 2021

“These techniques include numerous modules that exploit implicit trust, weak passwords, and unauthenticated remote code execution (RCE) vulnerabilities in popular applications, including Secure Shell (SSH), IT administration tools, a variety of cloud-based applications, and databases.” Ransomware, data theft).

Cryptocurrency 145

Cryptocurrency Malware DNS Passwords 145

Security Affairs

OCTOBER 2, 2024

introduces AI-driven capabilities for extracting cryptocurrency seed phrases from images. The infostealer can steal credentials, system information, and financial data from infected systems, it supports sophisticated evasion techniques, including MSI installer disguise. The subscription fee is $250 per month, or $550 for 90 days.

Artificial Intelligence 124

Artificial Intelligence Cryptocurrency Malware Hacking 124

Security Affairs

JANUARY 14, 2022

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions.

Cryptocurrency 121

Cryptocurrency Banking Malware Passwords 121

Security Affairs

JANUARY 31, 2024

Direct Trading Technologies (DTT) is an international fintech company offering trading platforms for stocks, forex, precious metals, energies, indices, Contracts for Difference (CFDs), and cryptocurrencies. Source: Cybernews Users holding the company’s email addresses, potentially the employees, had their passwords exposed in plaintext.

Technology 140

Technology Identity Theft Backups Passwords 140