CSO Magazine

SEPTEMBER 21, 2021

The Biden administration has introduced new sanctions against cryptocurrency exchange Suex to stifle revenue for ransomware groups. Suex, which has been accused by US officials of doing business with ransomware actors in the past, has had its access to US markets cut off as a result.

Cryptocurrency 125

Cryptocurrency Ransomware CSO Marketing 125

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 143

Cryptocurrency Firmware Malware Threat Detection 143

The Hacker News

MAY 15, 2023

Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware.

Malware 145

Malware Ransomware Cryptocurrency 145

Schneier on Security

JULY 6, 2020

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. Given that ransomware is so rare on Macs to begin with, this one-two punch is especially noteworthy. But if you're someone who already torrents programs and is used to ignoring Apple's flags, ThiefQuest illustrates the risks of that approach.

Ransomware 212

Ransomware Spyware Cryptocurrency Passwords 212

CyberSecurity Insiders

MARCH 10, 2022

But here’s a news piece that gives details of a ransomware group that paid $6 million in salaries last year and even tried to develop its cryptocurrency. Conti Ransomware group is the hacking group in discussion and is reported to have been led by an individual code named ‘Stern’.

Cryptocurrency 119

Cryptocurrency Ransomware Banking Hacking 119

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking 294

Hacking Malware Ransomware Government 294

Krebs on Security

DECEMBER 27, 2019

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. A now-deleted Tweet from Synoptek on Dec.

Ransomware 192

Ransomware Media Financial Services Retail 192

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 144

Cryptocurrency Cybercrime Media Government 144

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Malware 131

Malware DDOS Cryptocurrency Education 131

Security Affairs

SEPTEMBER 22, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini

Malware 133

Malware Healthcare IoT Cryptocurrency 133

The Hacker News

NOVEMBER 26, 2021

A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his

Malware 143

Malware Antivirus Cryptocurrency Ransomware 143

The Hacker News

JUNE 27, 2024

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. With its latest updates to the crypto miner, ransomware payload, and rootkit elements, it demonstrates

Ransomware 134

Ransomware Cryptocurrency Malware 134

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest.

Cybercrime 201

Cybercrime Ransomware Cryptocurrency Government 201

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. The malware was designed to abuse NAS resources and mine cryptocurrency. Pierluigi Paganini.

Ransomware 145

Ransomware Cryptocurrency Malware Internet 145

CyberSecurity Insiders

FEBRUARY 5, 2021

A scenario where software is being distributed as a service is being witnessed in the business of ransomware distribution these days. In a similar fashion, those creating ransomware are also seen selling it via a service called RaaS- Ransomware as a service. Meaning, the ransomware variants might be many.

Ransomware 142

Ransomware Cryptocurrency Malware Marketing 142

Security Affairs

SEPTEMBER 22, 2022

The gap is being abused for malicious cryptocurrency mining.” “If left unremedied and successfully exploited, this vulnerability could be used for multiple and more malicious attacks, such as a complete domain takeover of the infrastructure and the deployment information stealers, remote access trojans (RATs), and ransomware.”

Cryptocurrency 141

Cryptocurrency Firewall Malware Hacking 141

SecureList

JUNE 12, 2023

Introduction Stealing cryptocurrencies is nothing new. Attackers such as those behind the Coinvault ransomware were after your Bitcoin wallets , too. Since then, stealing cryptocurrencies has continued to occupy cybercriminals. Victims & Attribution We found several pieces of Russian text in the malware.

Cryptocurrency 123

Cryptocurrency Encryption Malware Ransomware 123

CyberSecurity Insiders

AUGUST 11, 2021

Accenture that offers professional services was reportedly hit by a ransomware attack launched by LockBit group. And reports are in that none of the servers were hit by the malware as proactive cybersecurity measures taken by the company paid well.

Ransomware 141

Ransomware Backups Malware Cryptocurrency 141

Security Affairs

JANUARY 7, 2021

The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world. ” concludes the report.

Ransomware 145

Ransomware Cryptocurrency Antivirus Banking 145

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Today, this tactic has evolved, where ransomware operators in nearly every case first exfiltrate sensitive data and then threaten to publicly expose it if a ransom demand is not paid.

Ransomware 144

Ransomware Cryptocurrency Insurance Cybercrime 144

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers. Last week, the United States joined the U.K. “P.S.

Ransomware 277

Ransomware Cybercrime Accountability Malware 277

CyberSecurity Insiders

SEPTEMBER 23, 2022

For this reason, some hacking groups who were into ransomware attacks have set up a separate sect of threat actors who are being assigned the job of target corporate networks and corrupt files. Technically, it is proving easy and cannot be red-lined by anti-malware solutions, as they cannot term it as a suspicious activity.

Ransomware 142

Ransomware Encryption Cryptocurrency Malware 142

Security Affairs

MARCH 20, 2024

security flaws in JetBrains TeamCity to deploy multiple malware families and gain administrative control over impacted systems. They are then able to perform RCE and TeamCity-related processes, such as spawning a command and scripting interpreter (including PowerShell) to download additional malware or perform discovery commands.”

Malware 141

Malware Authentication Cryptocurrency Ransomware 141

CyberSecurity Insiders

AUGUST 6, 2021

Gangs spreading LockBit ransomware are reportedly bribing employees of corporate companies to enter their computer network and compromise it with file encrypting malware. ransomware spreading gang seems to go employing craze techniques to keep their money counters ringing. As LockBit 2.0

Ransomware 144

Ransomware VPN Encryption Cryptocurrency 144

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

Cybercrime 335

Cybercrime Ransomware Passwords Banking 335

Security Affairs

OCTOBER 30, 2023

A sophisticated malware tracked as StripedFly remained undetected for five years and infected approximately one million devices. Researchers from Kaspersky discovered a sophisticated malware, dubbed StripedFly, that remained under the radar for five years masquerading as a cryptocurrency miner. “What was the real purpose?

Malware 142

Malware Cryptocurrency Ransomware Hacking 142

Security Affairs

APRIL 19, 2021

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips.

Malware 142

Malware Cryptocurrency Architecture Engineering 142

CyberSecurity Insiders

APRIL 30, 2021

Nitro Ransomware, a new variant of file encrypting malware is shaking up the internet by demanding Discord Nitro Gift Cards from victims instead of cryptocurrency. But with Nitro Ransomware the situation seems to be different. In this malware attack, hackers indulge in data stealing and encryption as usual.

Ransomware 142

Ransomware Encryption Cryptocurrency Internet 142

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. SecurityAffairs – hacking, malware).

Ransomware 145

Ransomware Malware Advertising Cybercrime 145

Krebs on Security

APRIL 7, 2022

and Germany moved to decapitate “ Hydra ,” a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups. That amount included roughly $8 million in ransomware proceeds laundered through Hydra on behalf of multiple ransomware groups, including Ryuk and Conti.

Marketing 287

Marketing Energy and Utilities Malware Ransomware 287

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime 123

Cybercrime Ransomware Healthcare Education 123

Malwarebytes

SEPTEMBER 19, 2023

The German police in cooperation with the US Secret Service have executed search warrants against suspected members of the DoppelPaymer ransomware group in Germany and Ukraine. Cryptocurrency investigators use specialized strategies to track down criminals. Although cryptocurrency is anonymous, that doesn't mean it's untraceable.

Ransomware 142

Ransomware Backups Cryptocurrency Cybercrime 142

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 142

Malware Cryptocurrency Accountability Cybercrime 142

Malwarebytes

FEBRUARY 17, 2023

The tag-team campaign serves up ransomware known as Mortal Kombat, which borrows the name made famous by the video game, and Laplas Clipper malware, a clipboard stealer. The email is cryptocurrency themed, and claims that a payment of yours has “timed out” and will need resending.

Ransomware 97

Ransomware Malware Cryptocurrency Encryption 97

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. reads the advisory published by US authorties.

Ransomware 145

Ransomware Healthcare Cryptocurrency Encryption 145

CyberSecurity Insiders

JULY 21, 2021

Oil Company Saudi Aramco that produces oil and fossil fuel through drilling technologies has confirmed that a ransomware group infiltrated the servers of one of its contractors last month and got hold of over 1TB data that is now on the dark web for sale. Note- Usually, a ransomware gang encrypts data until a ransom is paid.

Ransomware 139

Ransomware Encryption Cryptocurrency Cyber Attacks 139

CyberSecurity Insiders

OCTOBER 24, 2022

United States Cybersecurity and Infrastructure Security Agency(CISA) has issued an advisory to all hospitals and healthcare providers about a new ransomware dubbed ‘Daixin Team’ doing rounds on the internet. The post CISA says hospitals should be wary of new Daixin Team Ransomware appeared first on Cybersecurity Insiders.

Ransomware 140

Ransomware Healthcare Cryptocurrency Malware 140