2014, Cryptocurrency, Cybercrime and Ransomware

Ransomware Gangs and the Name Game Distraction

Krebs on Security

AUGUST 5, 2021

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation.

Ransomware

Ransomware Cybercrime Malware System Administration

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Krebs on Security

JANUARY 26, 2024

33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia’s most destructive ransomware groups, but little more is shared about the accused. government says Ermakov and the other actors behind the Medibank hack are believed to be linked to the Russia-backed cybercrime gang REvil.

Cybercrime

Cybercrime Ransomware Retail Insurance

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms.

Cryptocurrency

Cryptocurrency Malware Ransomware Cybercrime

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Cryptocurrency

Cryptocurrency Financial Services Banking Government

REvil Ransomware member win the auction for KPot stealer source code

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. KPOT source code up for sale! Pierluigi Paganini.

Ransomware

Ransomware Malware Advertising Cybercrime

Sodinokibi Ransomware crew chooses Monero for ransom payments

Security Affairs

APRIL 13, 2020

The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched on Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies.

Ransomware

Ransomware Cryptocurrency Advertising Hacking

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Super Bowl Sunday watchers are treated to no fewer than a half-dozen commercials for cryptocurrency investing. I will also continue to post on LinkedIn about new stories in 2023. agencies].

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

Rescator, advertising a new batch of cards stolen in a 2014 breach at P.F. Investigators would later determine that a variant of the malware used in the Target breach was used in 2014 to steal 56 million payment cards from Home Depot customers. Chang’s.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

Ukraine police and Binance dismantled a cyber gang behind $42M money laundering

Security Affairs

AUGUST 18, 2020

Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities.

Cryptocurrency

Cryptocurrency Computers and Electronics Cybercrime Digital transformation

Sodinokibi ransomware gang launches auction site to sell stolen data

Security Affairs

JUNE 3, 2020

REvil /Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. The Sodinokibi ransomware operators have launched an eBay-like auction site for stolen data where they plan to sell data stolen from the victims. SecurityAffairs – ransomware, cybersecurity).

Ransomware

Ransomware Advertising Cryptocurrency Malware

Police dismantled bulletproof hosting service provider Lolek Hosted

Security Affairs

AUGUST 12, 2023

and “no-log policy,” they were accepting payments in cryptocurrencies. This latest success in the fight against cybercrime follows a complex investigation supported by Europol and the US Federal Bureau of Investigation (FBI).” According to the DoJ, the service was used also by NetWalker ransomware operators.

Cybercrime

Cybercrime DDOS Ransomware Cryptocurrency

Three North Korean hackers charged for financial and revenge-motivated hacks

SC Magazine

FEBRUARY 17, 2021

billion in currency and cryptocurrency and further other strategic interests for the North Korean government. The charges captures years-worth of North Korean hacking, including the widely publicized 2014 Sony hack, the 2016 hack of the Central Bank of Bangladesh, the 2017 WannaCry ransomware attack and others.

Hacking

Hacking Cryptocurrency Banking Malware

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

The Russian citizen Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135 million euros using ransomware. The Russian man Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135M euros using ransomware. million withdrawn.

Advertising

Advertising Cybercrime Hacking Cryptocurrency

Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs

Security Affairs

MAY 9, 2020

The Sodinokibi ransomware gang stolen gigabytes of legal documents from the law firm of the stars, Grubman Shire Meiselas & Sacks (GSMLaw). The Sodinokibi ransomware gang has published a screenshot of the folders they have stolen from the law firm. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Advertising Cryptocurrency

U.S. DoJ charges Iranian duo over SamSam Ransomware activity

Security Affairs

NOVEMBER 29, 2018

DoJ charges two Iranian men over their alleged role in creating and spreading the infamous SamSam ransomware. Two Iranian men, Faramarz Shahi Savandi (34) and Mohammad Mehdi Shah Mansouri (27) have been charged by DoJ for their role in creating and distributing the dreaded SamSam ransomware. ” reads the DoJ indictment. .

Ransomware

Ransomware Encryption Advertising Backups

Documents Unsealed: North Korea's Global Hacking Campaign

SecureWorld News

FEBRUARY 18, 2021

And the targets in this case are widespread: banks, ATMs, cryptocurrency exchanges, online casinos, movie studios such as Sony Pictures, and theater chains such as AMC. Ransomware and Cyber-Enabled Extortion: Creation of the destructive WannaCry 2.0 million from an Indonesian cryptocurrency company in September 2018; and $11.8

Hacking

Hacking Cryptocurrency Computers and Electronics Banking

Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Security Affairs

MAY 1, 2019

Threat actors are exploiting a recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. Talos also noted that threat actors were exploiting the flaw to deliver the popular Gandcrab ransomware. “We Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Advertising Cryptocurrency Malware

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

IoT

IoT Banking Advertising Ransomware

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Security Affairs

APRIL 5, 2019

.” Xwo code is similar to that the MongoLock, a family of ransomware that hit MongoDB servers and wipe their content, then demands the payment a ransom to recover the data. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms.

Internet

Internet Internet Passwords Malware

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Security Affairs

DECEMBER 8, 2020

The man went on trial in Paris for having defrauded nearly 200 victims across the world of 135M euros using ransomware. The French court acquitted Vinnik of charges of extortion and association with a cybercrime organization. The authorities reported that since 2011, 7 million Bitcoin went into the BTC-e exchange and 5.5

Cryptocurrency

Cryptocurrency Hacking Ransomware Cybercrime

New Lobshot hVNC malware spreads via Google ads

Security Affairs

MAY 1, 2023

While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505. Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. ” reads the report published by Elastic Security Labs.

Malware

Malware Cybercrime Banking Software

The new DOJ Law Enforcement Crypto Reports (TL;DR)

Security Boulevard

SEPTEMBER 20, 2022

Despite the Executive Order, it is important to note that the Department of Justice did not need the urging of the White House to establish procedures for addressing Cryptocurrency. That original report characterized the illicit uses of cryptocurrency into three broad categories of criminality: .

Cryptocurrency

Cryptocurrency Marketing Cybercrime Banking

Security Affairs newsletter Round 240

Security Affairs

NOVEMBER 17, 2019

Boardriders and its subsidiarities QuikSilver and Billabong infected with ransomware. Major ASP.NET hosting provider SmarterASP hit by ransomware attack. Buran ransomware-as-a-service continues to improve. Mexican state-owned oil company Pemex hit by ransomware. TA505 Cybercrime targets system integrator companies.

DDOS

DDOS Spyware Advertising Ransomware

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The report’s findings reveal that email remains the main method of delivering ransomware, banking Trojans, and backdoors. The revival of ransomware. Pierluigi Paganini.

Ransomware

Ransomware Antivirus Malware Banking

Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware

Security Affairs

FEBRUARY 5, 2020

The arsenal of attackers includes data stealers, cryptocurrency miners, and ransomware, that literally hit victims from all sides. “ Cybereason is following an active campaign to deliver an arsenal of malware that is able to steal data, mine for cryptocurrency , and deliver ransomware to victims all over the world.

Malware

Malware Cryptocurrency Ransomware Advertising

Cybersecurity CEO: Security Awareness is An Ongoing Commitment

Herjavec Group

OCTOBER 27, 2020

According to Cybersecurity Ventures – cybercrime will cost the world $6 trillion annually by 2021 ! Cybercrime will cost the world $6 trillion annually by 2021 , up from $3 trillion in 2015. Ransomware, the fastest growing type of cybercrime, cost the world $11.5 Cyber Primer for the C-Suite.

Security Awareness

Security Awareness Cybersecurity Cybercrime Education

Security Affairs newsletter Round 203 – News of the week

Security Affairs

MARCH 3, 2019

B0r0nt0K ransomware demands $75,000 ransom to the victims. CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019. Ransomware, Trojan and Miner together against PIK-Group. Analyzing the evolution of MageCart cybercrime groups TTPs. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless Banking Advertising Cybercrime

U.S. offers up to $5 Million rewards for info on North Korea-linked operations

Security Affairs

APRIL 16, 2020

and UN sanctions, the DPRK has increasingly relied on illicit activities – including cybercrime – to generate revenue for its weapons of mass destruction and ballistic missile programs.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Under the pressure of robust U.S. ” reads the advisory.

Cyber threats

Cyber threats Banking Government Advertising

Security Affairs newsletter Round 236

Security Affairs

OCTOBER 20, 2019

Alabama Hospital chain paid ransom to resume operations after ransomware attack. Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack. Chinese-speaking cybercrime gang Rocke changes tactics. Cryptocurrency miners infected more than 50% of the European airport workstations. Pierluigi Paganini.

Data breaches

Data breaches Advertising Ransomware Manufacturing

Security Affairs newsletter Round 181 – News of the week

Security Affairs

SEPTEMBER 23, 2018

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer. Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange. Sustes Malware: CPU for Monero. Ngrok Mining Botnet.

Computers and Electronics

Computers and Electronics Cryptocurrency Spyware Data breaches

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

The group carried out a large number of campaigns using weaponized Office and PDF documents to deliver notorious malware, including the Dridex banking trojan , tRAT RAT, FlawedAmmy RAT, Philadelphia ransomware, GlobeImposter and Locky ransomware. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware DNS Financial Services Retail

ZombieBoy, a new Monero miner that allows to earn $1,000 on a monthly basis

Security Affairs

AUGUST 5, 2018

Unlike MassMiner cryptocurrency miner, ZombieBoy leverages WinEggDrop instead of MassScan to search for new hosts to infect. The cryptocurrency uses Simplified Chinese language, which suggests that its author is a Chinese coder. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Advertising Malware Ransomware

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web. The experts attributed the campaign to the TA516 threat actor that was focused on cryptocurrencies. ransomware.

Spyware

Spyware Cryptocurrency Passwords Malware

Security Affairs newsletter Round 174 – News of the week

Security Affairs

AUGUST 4, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Data breaches Spyware Surveillance

What makes North Korean hacking groups more creative?

SC Magazine

MAY 20, 2021

Many countries have incorporated offensive cyber operations into their overall geopolitical strategies, but North Korea was among the first nations to leverage its government hacking capabilities in the cybercrime arena.

Hacking

Hacking Media Malware Cryptocurrency

Security Affairs newsletter Round 173 – News of the week

Security Affairs

JULY 29, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Cryptocurrency

Cryptocurrency Banking Advertising Ransomware

French Police remotely disinfected 850,000 PCs from RETADUP bot

Security Affairs

AUGUST 28, 2019

The Retadup bot has been around since at least 2015, it was involved in several malicious campaigns aimed at delivering malware such as information stealers, ransomware and miners. In recent campaigns, the Retadup worm was observed delivering Monero cryptocurrency miners in Latin America. Pierluigi Paganini.

Malware

Malware Advertising Antivirus Cryptocurrency

Dutch police arrested the author of Dryad and Rubella Macro Builders

Security Affairs

JULY 19, 2019

.” The man was also promoting a variety of different products and services, ranging from stolen credit card data, a malware to steal funds from crypto wallets and a malicious loader software to a newly pitched product called Tantalus ransomware-as-a-service. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Social Engineering Advertising Antivirus

Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows

Security Affairs

MAY 8, 2020

H2 2019 has proved the tendency of past several years: mail remains the main method of delivering ransomware, spyware, backdoors and other malware, being used by cyber crooks in 94 percent of cases. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Balance of power. Malware delivery: what’s on the menu?

Phishing

Phishing Spyware Banking Malware

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

Security Affairs

AUGUST 8, 2018

In 2014 it reached the pinnacle of success, becoming the fourth largest botnet in the world. DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns). Security Affairs – cybercrime, Ramnit botnet). Bot-A creates new connection to Server-X and works as relay between Server-X and Bot-B.

Malware

Malware DNS Encryption Banking

Ransomware Gangs and the Name Game Distraction

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Webinars

Trending Sources

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Webinars

U.S. Indicts North Korean Hackers in Theft of $200 Million

REvil Ransomware member win the auction for KPot stealer source code

Sodinokibi Ransomware crew chooses Monero for ransom payments

Happy 13th Birthday, KrebsOnSecurity!

Ten Years Later, New Clues in the Target Breach

Ukraine police and Binance dismantled a cyber gang behind $42M money laundering

Sodinokibi ransomware gang launches auction site to sell stolen data

Police dismantled bulletproof hosting service provider Lolek Hosted

Three North Korean hackers charged for financial and revenge-motivated hacks

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs

U.S. DoJ charges Iranian duo over SamSam Ransomware activity

Documents Unsealed: North Korea's Global Hacking Campaign

Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Security Affairs newsletter Round 283

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

New Lobshot hVNC malware spreads via Google ads

The new DOJ Law Enforcement Crypto Reports (TL;DR)

Security Affairs newsletter Round 240

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware

Cybersecurity CEO: Security Awareness is An Ongoing Commitment

Security Affairs newsletter Round 203 – News of the week

U.S. offers up to $5 Million rewards for info on North Korea-linked operations

Security Affairs newsletter Round 236

Security Affairs newsletter Round 181 – News of the week

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

ZombieBoy, a new Monero miner that allows to earn $1,000 on a monthly basis

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs newsletter Round 174 – News of the week

What makes North Korean hacking groups more creative?

Security Affairs newsletter Round 173 – News of the week

French Police remotely disinfected 850,000 PCs from RETADUP bot

Dutch police arrested the author of Dryad and Rubella Macro Builders

Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

Stay Connected