Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software 117

Software Cryptocurrency Malware Encryption 117

Webroot

OCTOBER 31, 2024

This year has seen ransomware groups adapt and innovate, pushing the boundaries of their malicious capabilities and evasiveness from law enforcement. In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks.

Malware 104

Malware Ransomware Passwords Healthcare 104

Krebs on Security

NOVEMBER 14, 2024

Shefel asserts he and his team were responsible for developing the card-stealing malware that Golubov’s hackers installed on Target and Home Depot payment terminals, and that at the time he was technical director of a long-running Russian cybercrime community called Lampeduza. “I’m also godfather of his second son.”

Retail 248

Retail Advertising Cryptocurrency Marketing 248

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. Over the past 24 hours, the crooks responsible for spreading the ransom malware “REvil” (a.k.a. A partial screenshot from the REvil ransomware group’s Dark Web blog.

Ransomware 337

Ransomware Backups Encryption Internet 337

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. The upshot? ” Meanwhile, the U.S.

Ransomware 322

Ransomware Accountability Cybercrime Malware 322

Security Affairs

MARCH 23, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes (..)

Malware 64

Malware Threat Detection Cryptocurrency Ransomware 64

eSecurity Planet

DECEMBER 21, 2021

There are few guarantees in the IT industry, but one certainty is that as the world steps into 2022, ransomware will continue to be a primary cyberthreat. The dangers from ransomware have risen sharply since WannaCry and NotPetya hit the scene in 2017, and this year has been no different. Cryptocurrency Fuels Ransomware.

Cryptocurrency 140

Cryptocurrency Ransomware Cybercrime Social Engineering 140

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. in cryptocurrency obtained from ransom payments.

Ransomware 107

Ransomware Healthcare Government Cryptocurrency 107

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware 334

Malware Identity Theft Cybercrime Accountability 334

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Architecture IoT Ransomware 63

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes. The GandCrab identity on Exploit[.]in

Ransomware 276

Ransomware Accountability Cybercrime Passwords 276

Schneier on Security

JULY 6, 2020

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. Given that ransomware is so rare on Macs to begin with, this one-two punch is especially noteworthy. But if you're someone who already torrents programs and is used to ignoring Apple's flags, ThiefQuest illustrates the risks of that approach.

Ransomware 233

Ransomware Spyware Cryptocurrency Passwords 233

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware 70

Ransomware Encryption Cryptocurrency Insurance 70

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware 64

Ransomware Cryptocurrency Small Business Malware 64

CSO Magazine

SEPTEMBER 21, 2021

The Biden administration has introduced new sanctions against cryptocurrency exchange Suex to stifle revenue for ransomware groups. Suex, which has been accused by US officials of doing business with ransomware actors in the past, has had its access to US markets cut off as a result.

Cryptocurrency 125

Cryptocurrency Ransomware CSO Marketing 125

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Krebs on Security

DECEMBER 27, 2019

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. A now-deleted Tweet from Synoptek on Dec.

Ransomware 220

Ransomware Media Financial Services Retail 220

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency 130

Cryptocurrency Cybercrime Education Scams 130

The Hacker News

MAY 15, 2023

Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware.

Malware 144

Malware Ransomware Cryptocurrency 144

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 140

Cryptocurrency Firmware Malware Threat Detection 140

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 116

CyberSecurity Insiders

MARCH 10, 2022

But here’s a news piece that gives details of a ransomware group that paid $6 million in salaries last year and even tried to develop its cryptocurrency. Conti Ransomware group is the hacking group in discussion and is reported to have been led by an individual code named ‘Stern’.

Cryptocurrency 119

Cryptocurrency Ransomware Banking Hacking 119

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. Unlike ransomware, which is deployed against large businesses that cybercriminals hope can pay hefty ransoms, info stealers can deliver illicit gains no matter the target. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 131

Malware Software Passwords Cryptocurrency 131

SecureList

NOVEMBER 29, 2024

More than 90,000 users experienced ransomware attacks. Nearly 18% of all victims published on ransomware gangs’ data leak sites (DLSs) had been hit by RansomHub. According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014.

Mobile 106

Mobile Adware Ransomware Malware 106

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking 302

Hacking Malware Ransomware Government 302

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 142

Cryptocurrency Cybercrime Media Government 142

The Hacker News

JUNE 27, 2024

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. With its latest updates to the crypto miner, ransomware payload, and rootkit elements, it demonstrates

Ransomware 133

Ransomware Cryptocurrency Malware 133

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers. Last week, the United States joined the U.K. “P.S.

Ransomware 290

Ransomware Cybercrime Accountability Malware 290

The Hacker News

NOVEMBER 26, 2021

A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his

Malware 140

Malware Antivirus Cryptocurrency Ransomware 140

Security Affairs

SEPTEMBER 22, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini

Malware 125

Malware IoT Healthcare Cryptocurrency 125

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. The malware was designed to abuse NAS resources and mine cryptocurrency. Pierluigi Paganini.

Ransomware 144

Ransomware Cryptocurrency Malware Internet 144

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

Cybercrime 351

Cybercrime Ransomware Passwords Banking 351

CyberSecurity Insiders

FEBRUARY 5, 2021

A scenario where software is being distributed as a service is being witnessed in the business of ransomware distribution these days. In a similar fashion, those creating ransomware are also seen selling it via a service called RaaS- Ransomware as a service. Meaning, the ransomware variants might be many.

Ransomware 142

Ransomware Cryptocurrency Malware Marketing 142

CyberSecurity Insiders

AUGUST 11, 2021

Accenture that offers professional services was reportedly hit by a ransomware attack launched by LockBit group. And reports are in that none of the servers were hit by the malware as proactive cybersecurity measures taken by the company paid well.

Ransomware 141

Ransomware Backups Malware Cryptocurrency 141

Security Affairs

JANUARY 7, 2021

The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world. ” concludes the report.

Ransomware 145

Ransomware Cryptocurrency Antivirus Banking 145

CyberSecurity Insiders

SEPTEMBER 23, 2022

For this reason, some hacking groups who were into ransomware attacks have set up a separate sect of threat actors who are being assigned the job of target corporate networks and corrupt files. Technically, it is proving easy and cannot be red-lined by anti-malware solutions, as they cannot term it as a suspicious activity.

Ransomware 142

Ransomware Encryption Cryptocurrency Malware 142

CyberSecurity Insiders

AUGUST 6, 2021

Gangs spreading LockBit ransomware are reportedly bribing employees of corporate companies to enter their computer network and compromise it with file encrypting malware. ransomware spreading gang seems to go employing craze techniques to keep their money counters ringing. As LockBit 2.0

Ransomware 144

Ransomware VPN Encryption Cryptocurrency 144