Security Affairs

APRIL 2, 2025

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. The threat actor FIN7 , also known as Savage Ladybug, has developed a new Python-based malware, named Anubis Backdoor, which allows attackers to gain full remote control over infected Windows systems.

Antivirus 124

Antivirus Cybercrime Malware Encryption 124

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 119

Malware Advertising Antivirus Cybercrime 119

Security Affairs

MARCH 25, 2025

Researchers warn of a new Android malware that uses.NET MAUI to mimic legit services and evade detection. McAfee researchers warn of Android malware campaigns using.NET MAUI to evade detection. Another malware observed by the experts targets Chinese-speaking users, stealing contacts, SMS, and photos through third-party app stores.

Malware 72

Malware Encryption Banking Cyber threats 72

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches 115

Data breaches Cybercrime Cyber Insurance Marketing 115

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 68

Malware Spyware Government Mobile 68

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. million last summer in exchange for a digital key needed to unlock files encrypted by the ransomware. For example, the University of California, San Francisco paid $1.4

Ransomware 335

Ransomware Cybercrime Antivirus Encryption 335

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 62

Malware Cryptocurrency Engineering Encryption 62

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware 143

Malware Cryptocurrency Encryption Passwords 143

SecureList

FEBRUARY 5, 2025

In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources.

Malware 143

Malware Encryption Mobile Cryptocurrency 143

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions. Compromised websites and malware are often at the root of these types of attacks.

Cryptocurrency 128

Cryptocurrency Cybercrime Education Scams 128

Security Affairs

MARCH 23, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes (..)

Malware 64

Malware Threat Detection Cryptocurrency Ransomware 64

Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software 105

Software Cryptocurrency Malware Encryption 105

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 238

Malware VPN Internet Internet 238

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. Image: Abnormal Security. billion in 2020. Image: FBI. For example, the Lockbit 2.0

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Security Affairs

FEBRUARY 16, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 66

Malware Data breaches Mobile Encryption 66

Security Affairs

FEBRUARY 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 67

Malware Scams Banking Ransomware 67

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Image: treasury.gov.

Ransomware 297

Ransomware Cybercrime Accountability Malware 297

Security Affairs

MARCH 8, 2025

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. The ransomware group used an unsecured webcam to encrypt systems within atarget’s network, bypassing Endpoint Detection and Response (EDR). Akira successfully encrypted files across the network.

Ransomware 128

Ransomware IoT Encryption Passwords 128

Security Affairs

JANUARY 12, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 59

Malware Scams Phishing Encryption 59

Security Affairs

MARCH 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 66

Malware DDOS Hacking Ransomware 66

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 64

Malware Artificial Intelligence DNS Ransomware 64

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 111

Cryptocurrency Malware Hacking Ransomware 111

Krebs on Security

OCTOBER 8, 2020

But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained. THE DOCTOR IS IN. ” WHO IS DR. SAMUIL?

Cybercrime 350

Cybercrime Malware VPN Ransomware 350

Krebs on Security

JANUARY 27, 2021

Authorities across Europe on Tuesday said they’d seized control over Emotet , a prolific malware strain and cybercrime-as-service operation. Investigators say the action could help quarantine more than a million Microsoft Windows systems currently compromised with malware tied to Emotet infections. The U.S.

Malware 311

Malware Cybercrime Ransomware Banking 311

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 116

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ? /.

Ransomware 358

Ransomware Cybercrime Malware Encryption 358

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. “web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers.

Hacking 363

Hacking Cybercrime DNS Internet 363

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. That is why I am not worried as we see criminals migrate to various ‘encrypted’ platforms that promise to ignore thepolice.

Phishing 336

Phishing Cryptocurrency Accountability Social Engineering 336

Security Affairs

JANUARY 5, 2025

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware. ” reads the report published by Google.

Malware 129

Malware Encryption Phishing Hacking 129

Krebs on Security

JULY 1, 2020

Emboldened by their successes, several ransomware gangs recently have started demanding two ransoms : One payment to secure a digital key that can unlock files, folders and directories encrypted by their malware, and a second to avoid having any stolen information published or shared with others. Maybe you disagree, dear readers?

Ransomware 350

Ransomware Cybercrime Encryption Malware 350

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. ” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem. . ” reads the post published by Microsoft.

Encryption 138

Encryption Ransomware Cybercrime Malware 138

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 140

Cybercrime Ransomware DDOS Encryption 140

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 62

Malware Spyware Antivirus VPN 62

Security Affairs

MARCH 21, 2025

Law Enforcement and Cybercrime Control Russian authorities may want to monitor criminal organizations, opposition groups, or foreign entities using Telegram. Given Telegrams end-to-end encryption and widespread use, an exploit that bypasses its security could be a game-changer for cyber espionage. continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

FEBRUARY 13, 2025

The researchers pointed out that tools belonging to the arsenal of China-linked APT groups are often shared resources, however, many arent publicly available and arent usually associated with cybercrime activity. The attack used a Toshiba executable to sideload PlugX malware.

Ransomware 116

Ransomware Software Cybercrime Encryption 116

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. This is necessary to make files used by other programs available for encryption. The encryption code for big files. Yanluowang description.

Encryption 145

Encryption Ransomware Backups VPN 145

SecureList

APRIL 18, 2022

Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this ransomware with recovering their files. This is necessary to make files used by other programs available for encryption. The encryption code for big files. Yanluowang description.

Encryption 145

Encryption Ransomware Backups VPN 145