Schneier on Security

MAY 14, 2020

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. It's interesting to see the US government take a more aggressive stance on foreign malware.

Government 252

Government Malware Antivirus Cryptocurrency 252

Schneier on Security

APRIL 4, 2023

News : Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week.

Cryptocurrency 221

Cryptocurrency Hacking Software Cybersecurity 221

The Hacker News

FEBRUARY 20, 2024

A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. The cryptojacking attack is facilitated

Cryptocurrency 140

Cryptocurrency Malware 140

The Hacker News

OCTOBER 3, 2024

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software.

Cryptocurrency 141

Cryptocurrency Malware Software 141

Schneier on Security

SEPTEMBER 12, 2022

It’s pretty nasty : The malware was dubbed “ Shikitega ” for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to “mutate” its code to avoid detection.

Malware 301

Malware Backups IoT Software 301

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware 329

Malware Identity Theft Cybercrime Accountability 329

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency 135

Cryptocurrency Cybercrime Education Scams 135

Krebs on Security

AUGUST 25, 2021

After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for using a clever piece of digital clipboard-stealing malware that let them siphon his crypto holdings. universities). When Schober went to move approximately 16.4

Cryptocurrency 349

Cryptocurrency Malware Mobile Accountability 349

Penetration Testing

JULY 18, 2024

Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated cyberattack campaign targeting cryptocurrency users.

Cryptocurrency 104

Cryptocurrency Malware Phishing Software 104

The Hacker News

FEBRUARY 16, 2024

Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines.

Cryptocurrency 140

Cryptocurrency Malware 140

Malwarebytes

SEPTEMBER 27, 2023

Cryptocurrency owners should take heed of warnings related to Xenomorph malware—Bleeping Computer reports that the most recent version of Xenomorph now targets various cryptocurrency wallets using fake browser update messaging as bait. This on its own is already very malicious behaviour.

Cryptocurrency 134

Cryptocurrency Malware Scams Banking 134

The Hacker News

SEPTEMBER 16, 2024

Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on LinkedIn to deliver malware called RustDoor.

Malware 144

Malware Cryptocurrency Cybersecurity 144

The Hacker News

JUNE 28, 2024

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server.

Cryptocurrency 132

Cryptocurrency Malware 132

We Live Security

MAY 14, 2024

One of the most advanced server-side malware campaigns is still growing, with hundreds of thousands of compromised servers, and it has diversified to include credit card and cryptocurrency theft

Cryptocurrency 138

Cryptocurrency Malware 138

Penetration Testing

NOVEMBER 29, 2024

Cybersecurity researchers at ReversingLabs have uncovered a stealthy supply chain attack targeting cryptocurrency wallets via the PyPI repository.

Cryptocurrency 107

Cryptocurrency Cybersecurity Malware 107

The Hacker News

MARCH 20, 2024

Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection.

Malware 143

Malware Cryptocurrency Cybersecurity 143

Security Affairs

JULY 22, 2024

Huntress researchers observed the JavaScript downloader malware SocGholish (aka FakeUpdates ) that is being used to deliver remote access trojan AsyncRAT and the legitimate open-source project BOINC (Berkeley Open Infrastructure Network Computing Client). ” reads the report published by Huntress.

Malware 143

Malware Cryptocurrency Hacking Software 143

The Hacker News

MAY 30, 2024

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal.

Firewall 139

Firewall Malware Cryptocurrency 139

Security Affairs

SEPTEMBER 22, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 132

Malware Healthcare IoT Cryptocurrency 132

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising 142

Advertising Cybercrime Malware Cryptocurrency 142

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Malware 130

Malware DDOS Cryptocurrency Education 130

The Hacker News

MAY 10, 2024

The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at South Korean cryptocurrency firms.

Malware 143

Malware Cryptocurrency Cyber Attacks 143

Krebs on Security

OCTOBER 18, 2023

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. “The team is committed to ongoing monitoring of addresses that are involved in spreading malware scripts on the BSC. .

Scams 324

Scams Malware Cryptocurrency Hacking 324

Penetration Testing

MARCH 31, 2024

The package, named “vue2util,” sneakily executes a sophisticated scheme designed to drain USDT tokens from... The post ‘Trojanized’ npm Package Targets Cryptocurrency Wallets, Steals USDT appeared first on Penetration Testing.

Cryptocurrency 125

Cryptocurrency Penetration Testing Malware 125

Security Affairs

AUGUST 16, 2024

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. ” concludes the report. ” concludes the report.

Malware 135

Malware Cryptocurrency Advertising Architecture 135

Security Affairs

NOVEMBER 7, 2024

SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as “Hidden Risk.”

Malware 130

Malware Risk Architecture Cryptocurrency 130

Penetration Testing

MARCH 11, 2024

A dangerous new malware named Planet Stealer is making its rounds in the cybercriminal underworld, and security experts warn that your passwords, cryptocurrency wallets, and other sensitive information could be in its sights.

Passwords 132

Passwords Penetration Testing Malware Risk 132

Security Affairs

OCTOBER 4, 2024

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. ” reads the report.

Malware 140

Malware Cryptocurrency Encryption Software 140

Bleeping Computer

FEBRUARY 7, 2024

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.]

Passwords 125

Passwords Malware Cryptocurrency Advertising 125

Security Affairs

AUGUST 23, 2024

Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. Once the user inputs their credentials, the malware stores them in a directory and uses Chainbreak to dump Keychain passwords. ” The malware can steal various types of information from a broad array of sources.

Malware 136

Malware Passwords Cryptocurrency Software 136

Trend Micro

MARCH 28, 2023

We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second half of 2022.

Malware 136

Malware VPN Cryptocurrency 136

Security Affairs

NOVEMBER 8, 2023

The North Korea-linked APT BlueNoroff used a new strain of macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. ” concludes the report.

Malware 139

Malware Cryptocurrency Social Engineering Engineering 139

Security Affairs

OCTOBER 6, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 125

Malware Architecture Cryptocurrency Cyber Attacks 125

The Hacker News

AUGUST 21, 2024

Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances.

Malware 133

Malware Cryptocurrency Passwords Cybersecurity 133

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

The Hacker News

MAY 15, 2023

Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware.

Malware 145

Malware Ransomware Cryptocurrency 145

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The sites hosting malware are avast-securedownload.com (Avast.apk), bitdefender-app.com (setup-win-x86-x64.exe.zip), exe.zip), malwarebytes.pro (MBSetup.rar). bitdefender-app[.]com

Malware 141

Malware Antivirus Cryptocurrency Hacking 141