Security Affairs

NOVEMBER 11, 2018

Researchers from Trend Micro spotted a new cryptocurrency miner that leverages a rootkit component to hide its presence on the infected systems. Cryptocurrency malware continues to be a privileged choice for crooks and the number of victims is rapidly growing. Security Affairs – Linux cryptocurrency miner, hacking).

Cryptocurrency 89

Cryptocurrency Malware Advertising Media 89

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware 137

Malware Cryptocurrency Advertising Accountability 137

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers.

Cryptocurrency 90

Cryptocurrency Malware Ransomware Cybercrime 90

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 98

Cryptocurrency Banking Hacking Accountability 98

The Last Watchdog

JUNE 20, 2018

Cryptojacking, as defined by the Federal Trade Commission , is the use of JavaScript code to capture cryptocurrencies in users’ browsers without asking permission. Bilogorskiy: Before 2013 a lot of malware was focused on spam, DDoS and monetizing through malicious advertising and ad fraud. Bilogorskiy: Exactly. It was insane.

Cryptocurrency 176

Cryptocurrency Passwords Ransomware Malware 176

Security Affairs

JANUARY 9, 2020

In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges.

Cryptocurrency 60

Cryptocurrency Malware Advertising Encryption 60

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware 136

Malware Advertising Passwords Cryptocurrency 136

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.

Malware 116

Malware Advertising Government Cryptocurrency 116

Security Affairs

JANUARY 31, 2019

Palo Alto Networks discovered a piece of Mac malware dubbed CookieMiner that is targeting browser cookies associated with cryptocurrency exchanges and wallet service websites. The malware targets cookies associated with cryptocurrency exchanges such as Binance , Coinbase, Poloniex, Bittrex, Bitstamp, and MyEtherWallet.

Malware 86

Malware Cryptocurrency Authentication Advertising 86

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. ” . ” states the DoJ.

Malware 107

Malware Banking Cryptocurrency Cybercrime 107

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 87

Malware Cybercrime Banking Software 87

Security Affairs

APRIL 15, 2020

Google has removed 49 new Chrome browser extensions from its official Web Store that hide the code to hijack cryptocurrency wallets. Google has removed 49 new Chrome browser extensions from its official Web Store that contain the code to steal sensitive information and hijack cryptocurrency wallets. Pierluigi Paganini.

Cryptocurrency 92

Cryptocurrency Advertising Phishing Passwords 92

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. The Monero cryptocurrency miner uses a worm module (Systemctl.exe) dubbed PsMiner written in the Go language which includes exploit modules used to hack into vulnerable servers.

Malware 77

Malware Cryptocurrency Advertising Passwords 77

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime 89

Cybercrime Malware Cryptocurrency Advertising 89

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. CVE-2019-11707 is a type confusion vulnerability in Array.pop.

Cryptocurrency 73

Cryptocurrency Malware Advertising Passwords 73

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware 111

Malware Antivirus Phishing Cryptocurrency 111

Security Affairs

SEPTEMBER 29, 2019

Experts at Juniper Threat Labs have discovered a new piece of malware dubbed Masad Stealer that exfiltrate s cryptocurrency wallet files via Telegram. Security researchers at the Juniper Threat Labs discovered a strain of malware dubbed Masad Stealer that is actively distributed.

Malware 76

Malware Cryptocurrency Advertising Marketing 76

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware 88

Malware Cryptocurrency Passwords Internet 88

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan. Coinbase, BitPay, and Coinbase), and banks (i.e.

Malware 88

Malware Banking Mobile Spyware 88

Security Affairs

SEPTEMBER 2, 2020

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. ” reads the report. Pierluigi Paganini.

Cryptocurrency 134

Cryptocurrency Antivirus Malware Advertising 134

Security Affairs

MARCH 28, 2019

Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported.

Banking 89

Banking Cryptocurrency Mobile Advertising 89

Security Affairs

NOVEMBER 16, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. According to a report published by Kaspersky Lab in January 2020, in the two years the North Korea-linked APT group has continued to target cryptocurrency exchanges evolving its TTPs.

Malware 103

Malware Software Cryptocurrency Financial Services 103

Security Affairs

JULY 29, 2020

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers. ” The botnet is scanning the Internet for misconfigured Docker API endpoints, Experts noticed that the Ngrok malware has already infected many vulnerable servers.

Cryptocurrency 137

Cryptocurrency Malware Advertising VPN 137

Security Affairs

JULY 28, 2018

Google has updated the Play Store Developer Policy page to ban mobile mining apps that mine cryptocurrencies using the computational resources of the devices. Due to the surge in cryptocurrency prices, many legitimate websites and mobile apps are increasingly using cryptocurrency miners. Pierluigi Paganini.

Cryptocurrency 48

Cryptocurrency Mobile Advertising Malware 48

Security Affairs

NOVEMBER 20, 2018

Security experts at F-Secure have recently spotted a small spam campaign aimed at Mac users that use Exodus cryptocurrency wallet. The malware poses itself as a fake Exodus update, it is using the subject “Update 1.64.1 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. update.zip.”

Cryptocurrency 69

Cryptocurrency Spyware Advertising Surveillance 69

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA. .

Marketing 247

Marketing Energy and Utilities Malware Ransomware 247

Security Affairs

APRIL 12, 2019

Hackers are using the EternalBlue exploit and leveraging advantage of Living off the Land ( LotL ) obfuscated PowerShell-based scripts to deliver malware and a Monero cryptocurrency. “The malware also uses the pass the hash method, wherein it authenticates itself to remote servers using the user’s hashed password.

Malware 77

Malware Cryptocurrency Passwords Advertising 77

Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Www backup paths.

Internet 89

Internet Internet Passwords Malware 89

Security Affairs

OCTOBER 17, 2019

European airport systems were infected with a Monero cryptocurrency miner that was linked to the Anti-CoinMiner campaign discovered this summer by Zscaler researchers. . “The malware we found was first discovered by Zscaler more than a year ago,” continues Cyberbit. ” reads the analysis published by Cyberbit.

Cryptocurrency 59

Cryptocurrency Antivirus Advertising Malware 59

Security Affairs

SEPTEMBER 24, 2020

Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Alien first appeared in the threat landscape early this year, its model of sale is Malware-as-a-Service (MaaS) and is advertised on several underground hacking forums.

Banking 86

Banking Malware Advertising Architecture 86

Security Affairs

NOVEMBER 26, 2019

Microsoft revealed that the new Dexphot cryptocurrency miner has already infected more than 80,000 computers worldwide. Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malware also uses scheduled tasks to achieve persistence.

Cryptocurrency 121

Cryptocurrency Malware Encryption Advertising 121

Security Affairs

JULY 29, 2018

New Underminer exploit kit delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. “Underminer delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency-mining malware named Hidden Mellifera.” ” concludes Trend Micro.

Cryptocurrency 45

Cryptocurrency Advertising Malware Encryption 45

Security Affairs

MAY 8, 2019

Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. In the absence of root permissions, the malware created a cron job to ensure persistence. The malware also search for other vulnerable Jenkins servers on the internet.

Malware 86

Malware Cryptocurrency Advertising Internet 86

Security Affairs

JULY 30, 2018

Security experts from Kaspersky Lab have spotted a new cryptocurrency miner dubbed PowerGhost that can spread leveraging a fileless infection technique. “The malware, which we dubbed PowerGhost, is capable of stealthily establishing itself in a system and spreading across large corporate networks infecting both workstations and servers.”

Cryptocurrency 44

Cryptocurrency DDOS Advertising Malware 44

Security Affairs

AUGUST 27, 2019

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could be used by attackers to remotely hack Android devices and steal targets’ data.

Malware 97

Malware Advertising Mobile Hacking 97

Security Affairs

NOVEMBER 4, 2020

KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. The KPOT Stealer was written in C/C++, it was offered in the cybercrime underground as a Malware-as-a-Service (MaaS).

Ransomware 136

Ransomware Malware Advertising Cybercrime 136

SC Magazine

FEBRUARY 17, 2021

billion in currency and cryptocurrency and further other strategic interests for the North Korean government. The charges captures years-worth of North Korean hacking, including the widely publicized 2014 Sony hack, the 2016 hack of the Central Bank of Bangladesh, the 2017 WannaCry ransomware attack and others.

Hacking 103

Hacking Cryptocurrency Banking Malware 103