Malware, Media and Phishing - Cyber Security Informer

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. ” Manipulaters advertisement for Office 365 Private Page with Antibot phishing kit sold via Heartsender. Image: DomainTools. ” U.S.

Phishing

Phishing Cybercrime Advertising Malware

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. A fake browser update page pushing mobile malware. Image: Intrinsec.

Malware

Malware Antivirus Software DDOS

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Phishing evolves beyond email to become latest Android app threat

Malwarebytes

FEBRUARY 11, 2025

There are plenty of phish in the sea, and the latest ones have little interest in your email inbox. In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. These Android phishing apps may sound high-tech, but they are not.

Phishing

Phishing Passwords Mobile Authentication

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Malwarebytes

MARCH 26, 2025

A new phishing campaign that uses the fake CAPTCHA websites we reported about recently is targeting hotel staff in a likely attempt to access customer data, according to research from ThreatDown. Our free Digital Footprint scan searches the dark web, social media, and other online sources, to tell you where your data has been exposed.

Phishing

Phishing Malware Passwords Password Management

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. Image: fr3d.hk/blog. ” U-Admin, a.k.a.

Phishing

Phishing Scams Banking Mobile

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Victim losses range from $0.10

Scams

Scams Media Cryptocurrency Cybercrime

News alert: CyTwist launches threat detection engine tuned to identify AI-driven malware in minutes

The Last Watchdog

JANUARY 7, 2025

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist , a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.

Threat Detection

Threat Detection Engineering Malware Artificial Intelligence

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus

Antivirus Malware Cybercrime Identity Theft

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. An example of this misuse is the creation of fraudulent social media profiles using GAI.

Artificial Intelligence

Artificial Intelligence Phishing Media Cyber threats

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

A review of EDR vendors across many cybercrime forums shows that some fake EDR vendors sell the ability to send phony police requests to specific social media platforms, including forged court-approved documents. “Unfortunately, a lot of this is phishing or malware campaigns,” Donahue said. dot-gov emails get hacked.

Hacking

Hacking Accountability Government Social Engineering

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

The Last Watchdog

JULY 14, 2022

Phishing itself is not a new or a particularly complicated threat. But the emergence of advanced phishing techniques – “DeepSea Phishing” – poses an entirely new challenge for enterprises. The financial impact of phishing attacks quadrupled over the past six years, with the average cost for U.S. companies rising to $14.8

Phishing

Phishing Education Cybersecurity Threat Detection

Iran and China-linked actors used ChatGPT for preparing attacks

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. “This actor used our models to debug malware, for coding assistance in creating a basic scraper for Instagram, and to translate LinkedIn profiles into Persian.

Malware

Malware Social Engineering Engineering Hacking

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

SecureList

MARCH 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. Generic Trojan.Win64.Agent

Malware

Malware Education Technology Media

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

These agents could even hold people for ransom by matching stolen data online with publicly known email addresses or social media accounts, composing messages and holding entire conversations with victims who believe a human hacker out there has access to their Social Security Number, physical address, credit card info, and more.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

Attack methodology: a step-by-step breakdown The Elusive Comet campaign begins with cybercriminals impersonating venture capitalists, media representatives, or business partners to lure cryptocurrency professionals into Zoom meetings.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

iNSYNQ Ransom Attack Began With Phishing Email

Krebs on Security

AUGUST 9, 2019

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. “The way our system was architected, the malware had spread into the backups as well, at least a little bit.

Phishing

Phishing Backups Ransomware Encryption

Americans urged to use encrypted messaging after large, ongoing cyberattack

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Encryption

Encryption Identity Theft Media Telecommunications

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

These sprawling identities, exposed through breaches, infostealer infections, and phishing attacks, create shadow data that traditional tools simply cant address. SpyCloud , a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection.

Cybercrime

Cybercrime Accountability Phishing Malware

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking

Hacking Social Engineering Phishing Scams

News Alert: Perception Point reports rates of ‘BEC,’ phishing attacks climb in the first half of 2023

The Last Watchdog

JULY 27, 2023

In its H1 2023 Report: Cybersecurity Trends & Insights , Perception Point reported an overall increase in social engineering attacks, including a 20% growth in the prevalence of Business Email Compromise (BEC) attacks along with a 41% surge in phishing attacks from H2 2022 to H1 2023.

Phishing

Phishing Social Engineering Engineering Media

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

The HeartSender group has sold phishing tools to criminals since 2020, causing over $3 million in U.S. The Saim Raza group run multiple marketplaces that advertised and facilitated the sale of hacking and fraud tools, including malware, phishing kits and email extractors.

Cybercrime

Cybercrime Advertising Phishing Hacking

Security Affairs Malware Newsletter – Round 5

Security Affairs

AUGUST 4, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware

Malware Spyware Media Phishing

Financial cyberthreats in 2024

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million detections compared to 5.84

Phishing

Phishing Banking Scams Mobile

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk

Cyber Risk Risk Phishing Cybercrime

Drained Wallets: How to Protect Your Assets From Advanced Phishing Scams

IT Security Guru

APRIL 25, 2025

Phishing is a great example of this, with it evolving from simple email scams to more malicious and carefully thought-out attacks. As more people shift to online financial platforms or cryptocurrencies, digital wallets have become a common target for phishing scams.

Scams

Scams Phishing Cryptocurrency Cyber threats

Phishing attacks target mobile users via progressive web applications (PWA)

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The technique allows the installation of a phishing application from a third-party website without requiring the user to enable third-party app installations. ” reads the report published by ESET.

Phishing

Phishing Mobile Banking Social Engineering

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41’s activities span from the mid-2000s to the present day.

Antivirus

Antivirus Hacking Software Government

Think You Can Spot a Phishing Scam? Think Again.

Approachable Cyber Threats

MARCH 12, 2025

Category Awareness, Social Enginering Risk Level Phishing emails are getting harder to detect. What is phishing, and why is it such a big deal?" Phishing is one of the oldest tricks in the hacker playbook - but its also one of the most effective. Alright, but cant I just spot and delete phishing emails?"

Phishing

Phishing Scams Social Engineering Artificial Intelligence

Homographic Hacking: What It Is and How It Works

Adam Levin

MARCH 29, 2020

Homographic-based phishing “lures” are a powerful tool in today’s phishing campaigns. . If a hacker registers a domain name that looks like a legit one, it’s not difficult to create a spoof version of that website to access user credentials entered at login, or to funnel malware onto the user’s computer. .

Hacking

Hacking Phishing Media Banking

China-linked BlackTech APT uses new Flagpro malware in recent attacks

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. “It means that they are actively developing new malwares.

Malware

Malware Phishing Passwords Media

Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 10, 2024

Mazda Connect flaws allow to hack some Mazda vehicles Veeam Backup & Replication exploit reused in new Frag ransomware attack Texas oilfield supplier Newpark Resources suffered a ransomware attack Palo Alto Networks warns of potential RCE in PAN-OS management interface iPhones in a law enforcement forensics lab mysteriously rebooted losing their (..)

Ransomware

Ransomware Cybercrime Phishing Banking

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

Trend Micro

JULY 31, 2024

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

Media

Media Cyber threats Phishing Malware

How Security Teams Collect the Data They Need for Threat Intelligence

SecureWorld News

APRIL 14, 2025

With these insights, security personnel know which attack vectors to watch more closely, how to orchestrate the defenses, and what new phishing and social engineering trends to warn employees about. They amass data from websites, social media networks, news sources, public databases, and domain registries.

Media

Media Social Engineering Malware Financial Services

Intercepting 2FA: Over 1200 man-in-the-middle phishing toolkits detected

Malwarebytes

JANUARY 6, 2022

Academics from Stony Brook University and Palo Alto Networks—namely Brian Kondracki, Babak Amin Azad, Nick Nikiforakis, and Oleksii Starov—have found at least 1,200 phishing kits online capable of capturing or intercepting 2FA security codes. Illustration of what a MiTM phishing would look like. Source: Kondracki, et al).

Phishing

Phishing Authentication Accountability Data breaches

Meet the new Flagpro malware developed by Chinese

CyberSecurity Insiders

JANUARY 4, 2022

A new malware developed by China is on the prowl on the web and is seen targeting Japanese companies for now. According to a research carried out by NTT Security, Flagpro is in the wild from Oct’20 and was found targeting companies operating in defense technologies, media and communication sectors.

Malware

Malware Manufacturing Media Phishing

Your Company’s Executives Are in the Crosshairs of Whaling. Are They Ready?

SecureWorld News

DECEMBER 19, 2024

Phishing has been striking dread into the hearts of IT security teams all over the world almost since email came into use, with the term first appearing in 1995. Since then, phishing attacks have increased, become more widespread and frequent, and developed more sophisticated methods. However, there are no shortcuts.

Phishing

Phishing Passwords Accountability Cybersecurity

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. The media routinely report incidents and leaks of data that end up publicly accessible on the dark web. Malware-as-a-service: a greater number of cookie-cutter attacks, more complex tools.

Media

Media Social Engineering Ransomware Hacking

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware

Malware Software Passwords Cryptocurrency

Digital life protection: How Webroot keeps you safe in a constantly changing world

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. It combines multiple security capabilities into one easy-to-use package that includes: Antivirus protection Detects and neutralizes viruses, malware , spyware , and ransomware.

Antivirus

Antivirus Identity Theft Cyber threats Phishing

IT threat evolution Q3 2024

SecureList

NOVEMBER 29, 2024

The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens. While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different.

Energy and Utilities

Energy and Utilities Ransomware Malware Government

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. ”

Accountability

Accountability Hacking Authentication Marketing

WhatsApp Mods are caught distributing malware

CyberSecurity Insiders

OCTOBER 13, 2022

Researchers from Kaspersky have discovered that those using YoWhatsApp are being targeted with trojan malware named Triada having capabilities of stealing data from mobile phone and indulging in espionage. Usually, such malware is circulated as apps like Snaptube, that promise video downloads from Facebook, YouTube and Instagram all for free.

Malware

Malware Mobile Media Encryption

Lumma Stealer – Tracking distribution channels

SecureList

APRIL 21, 2025

Introduction The evolution of Malware-as-a-Service (MaaS) has significantly lowered the barriers to entry for cybercriminals, with information stealers becoming one of the most commercially successful categories in this underground economy. The attackers also use social media posts to lure victims to these channels.

Malware

Malware Cryptocurrency Software Phishing

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Webinars

Trending Sources

Booking.com Phishers May Leave You With Reservations

Webinars

Phishing evolves beyond email to become latest Android app threat

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Crazy Evil gang runs over 10 highly specialized social media scams

News alert: CyTwist launches threat detection engine tuned to identify AI-driven malware in minutes

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

How threat actors can use generative artificial intelligence?

FBI: Spike in Hacked Police Emails, Fake Subpoenas

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

Iran and China-linked actors used ChatGPT for preparing attacks

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

New AI “agents” could hold people for ransom in 2025

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

iNSYNQ Ransom Attack Began With Phishing Email

Americans urged to use encrypted messaging after large, ongoing cyberattack

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

When Low-Tech Hacks Cause High-Impact Breaches

News Alert: Perception Point reports rates of ‘BEC,’ phishing attacks climb in the first half of 2023

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs Malware Newsletter – Round 5

Financial cyberthreats in 2024

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

Drained Wallets: How to Protect Your Assets From Advanced Phishing Scams

Phishing attacks target mobile users via progressive web applications (PWA)

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Think You Can Spot a Phishing Scam? Think Again.

Homographic Hacking: What It Is and How It Works

China-linked BlackTech APT uses new Flagpro malware in recent attacks

Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

How Security Teams Collect the Data They Need for Threat Intelligence

Intercepting 2FA: Over 1200 man-in-the-middle phishing toolkits detected

Meet the new Flagpro malware developed by Chinese

Your Company’s Executives Are in the Crosshairs of Whaling. Are They Ready?

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

Macs targeted by info stealers in new era of cyberthreats

Digital life protection: How Webroot keeps you safe in a constantly changing world

IT threat evolution Q3 2024

Sendgrid Under Siege from Hacked Accounts

WhatsApp Mods are caught distributing malware

Lumma Stealer – Tracking distribution channels

Stay Connected