Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency.

Scams 83

Scams Media Cryptocurrency Cybercrime 83

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015.

Phishing 254

Phishing Cybercrime Advertising Malware 254

Krebs on Security

NOVEMBER 1, 2024

” “That said, the phishing attacks stem from partners’ machines being compromised with malware, which has enabled them to also gain access to the partners’ accounts and to send the messages that your reader has flagged,” they continued. A scan of social media networks showed this is not an uncommon scam.

Phishing 263

Phishing Accountability Artificial Intelligence Cybercrime 263

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. as a media sharing device on a local network that was somehow exposed to the Internet. Image: spur.us.

Malware 295

Malware Passwords Accountability Advertising 295

Malwarebytes

JANUARY 3, 2025

The Nova Stealer and the Ageo Stealer are a Malware-as-a-Service (MaaS) stealer where criminals rent out the malware and the infrastructure to other criminals. Another campaign uses blogspot to host their malware. Protect your social media accounts by using Malwarebytes Identity Theft Protection. fr leyamor[.]com

Scams 140

Scams Identity Theft Media Accountability 140

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. “This actor used our models to debug malware, for coding assistance in creating a basic scraper for Instagram, and to translate LinkedIn profiles into Persian.

Malware 136

Malware Social Engineering Engineering Hacking 136

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. Authorities discovered that over 1 200 servers in dozens of countries were running the malware. ESET released a free online scanner for Redline and META that can help users detect and remove malware.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Schneier on Security

SEPTEMBER 19, 2024

The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types of internet-connected devices around the world, including home routers, cameras, digital video recorders, and NAS drives.

Telecommunications 299

Telecommunications Media Malware Internet 299

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 62

Malware Architecture IoT Ransomware 62

Malwarebytes

MARCH 26, 2025

Our free Digital Footprint scan searches the dark web, social media, and other online sources, to tell you where your data has been exposed. Sure, its more convenient to get sites to remember your card details for you, but we highly recommend not storing that information. Find out what information is already out there.

Phishing 109

Phishing Malware Passwords Password Management 109

Security Affairs

MARCH 27, 2025

Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. ” reads the alert published by Malwarebytes.

Malware 67

Malware Data collection Advertising Media 67

SecureList

MARCH 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. Our research is still ongoing, but judging by the functionality of the sophisticated malware used in the attack, it seems the attackers’ goal was espionage. Generic Trojan.Win64.Agent Agent Trojan.Win64.Convagent.gen

Malware 127

Malware Education Technology Media 127

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Encryption 141

Encryption Identity Theft Media Telecommunications 141

Malwarebytes

FEBRUARY 4, 2025

These agents could even hold people for ransom by matching stolen data online with publicly known email addresses or social media accounts, composing messages and holding entire conversations with victims who believe a human hacker out there has access to their Social Security Number, physical address, credit card info, and more.

Artificial Intelligence 143

Artificial Intelligence Small Business Malware Technology 143

Security Affairs

AUGUST 4, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 139

Malware Spyware Media Phishing 139

Krebs on Security

NOVEMBER 28, 2022

But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan , malware designed to surreptitiously intercept and forward text messages from Android mobile devices. But Reuters found that while Pushwoosh’s social media and U.S.

Mobile 288

Mobile Malware Technology Government 288

Krebs on Security

NOVEMBER 9, 2024

A review of EDR vendors across many cybercrime forums shows that some fake EDR vendors sell the ability to send phony police requests to specific social media platforms, including forged court-approved documents. “Unfortunately, a lot of this is phishing or malware campaigns,” Donahue said. dot-gov emails get hacked.

Hacking 281

Hacking Accountability Government Social Engineering 281

Krebs on Security

NOVEMBER 5, 2024

404 Media reports that at a court hearing in Ontario this morning, Moucka called in from a prison phone and said he was seeking legal aid to hire an attorney. “Most of my ops involve malware [because] credential access burns too fast,” Judische explained. prosecutors and federal law enforcement agencies.

Cybercrime 277

Cybercrime Mobile Media Hacking 277

The Hacker News

APRIL 10, 2024

Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious Windows Script Files (WSFs) since March 2024.

Malware 138

Malware Media Cybersecurity 138

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing 296

Manufacturing Spyware Surveillance Marketing 296

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41’s activities span from the mid-2000s to the present day.

Antivirus 363

Antivirus Hacking Software Government 363

The Hacker News

FEBRUARY 2, 2025

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer.

Malware 128

Malware Cryptocurrency Scams Cybercrime 128

Security Affairs

NOVEMBER 1, 2024

LightSpy can steal files from multiple popular applications like Telegram, QQ, and WeChat, as well as personal documents and media stored on the device. Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0 Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0

Spyware 142

Spyware Media Malware Hacking 142

Adam Levin

MARCH 31, 2022

Backups are inherently fallible, and can fall prey to malware, ransomware, power surges, and hardware failure. The only way to make sure your data is truly secured is by having backups of your backups.

Backups 293

Backups Media Malware Internet 293

Malwarebytes

MARCH 10, 2025

But mshta will fetch the malicious media file from the specified domain and run it. The name of the media file may look perfectly fine. For a while, the malware we were seeing downloaded was almost exclusively the Lumma Stealer infostealer, but recently we’ve also found campaigns that use the same method to spread the SecTopRAT.

Social Engineering 138

Social Engineering Media Scams Malware 138

Trend Micro

JULY 31, 2024

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

Media 122

Media Cyber threats Phishing Malware 122

Security Affairs

NOVEMBER 5, 2024

” UNC5537 used stolen credentials obtained via infostealer malware. Independent news outlet 404 Media also confirmed Krebs’s findings 404 Media in September 2024. This led to extensive data theft, with the attackers later attempting to extort victims and sell stolen data on criminal forums.

Unstructured Data 120

Unstructured Data Media Cybercrime Hacking 120

The Hacker News

MARCH 10, 2025

The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024.

Malware 108

Malware Media Technology 108

Joseph Steinberg

NOVEMBER 30, 2021

Initiate contact with a charity via its website/listed phone number/physical address/official social media accounts; never send payment details to anyone who initiates contact with you and claims to represent a charity. Also, keep in mind that image links could point to malware-spreading sites. Always use outbound communications.

Scams 363

Scams Artificial Intelligence Media Cryptocurrency 363

SecureList

NOVEMBER 29, 2024

Kaspersky solutions worldwide detected this type of malware on 297,485 unique user devices. This malware also possessed the capability to install a backdoor on compromised systems. User-generated content platforms, such as forums, and compromised legitimate websites are both susceptible to malware infection. 2 Tajikistan 1.63

Mobile 106

Mobile Adware Ransomware Malware 106

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 116

Schneier on Security

MAY 17, 2023

The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC begins loading Windows and its many security protections. Microsoft is currently patching a zero-day Secure-Boot bug.

Media 298

Media Malware Software 298

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 330

Malware Software Technology Accountability 330

Krebs on Security

APRIL 9, 2024

Only three of April’s vulnerabilities earned Microsoft’s most-dire “critical” rating, meaning they can be abused by malware or malcontents to take remote control over unpatched systems with no help from users. Tempering the sheer volume of this month’s patches is the middling severity of many of the bugs.

DNS 305

DNS Social Engineering Malware Media 305

Security Affairs

JANUARY 27, 2025

The vulnerability is a privilege escalation vulnerability that impacts the Core Media framework. The Apple Core Media framework supports multimedia tasks like playback, recording, and manipulation of audio and video on iOS and macOS devices. “A malicious application may be able to elevate privileges.

Spyware 119

Spyware Surveillance Media Hacking 119

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 121

Malware Software Passwords Cryptocurrency 121

The Last Watchdog

FEBRUARY 4, 2025

Malware reverse engineering to combat ransomware: SpyCloud specializes in the tracking and analyzing of malware with deep insights into pervasive infostealers such as Lumma C2 , Redline Stealer, Vidar, and more as they are often a precursor to ransomware.

Cybercrime 124

Cybercrime Phishing Accountability Malware 124