SecureList

NOVEMBER 8, 2021

Q3 2021 brought two new DDoS attack vectors, potentially posing a serious threat, including for major web resources. ris , a new botnet capable of carrying out powerful DDoS attacks. For instance, a DDoS attack on a Cloudflare customer (attributed to M?ris) We won't let our #DDoS stop us doing what we love!

DDOS 115

DDOS Marketing Cryptocurrency IoT 115

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware 244

Ransomware Cybercrime Accountability Malware 244

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. The law enforcement confiscated about 94,000 euros worth of cryptocurrencies.

Marketing 92

Marketing Cybercrime DDOS Internet 92

SecureList

JULY 28, 2021

For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord server, where they discussed DDoS attacks.

DDOS 134

DDOS DNS IoT Marketing 134

SecureList

MAY 10, 2021

Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. In Q1 2021, cybercriminals also found a host of new tools for amplifying DDoS attacks. RDP servers listening on UDP port 3389 were used to amplify DDoS attacks. The vendor released a patch when they learned about the problem.

DDOS 103

DDOS Cryptocurrency Media Marketing 103

Security Affairs

NOVEMBER 10, 2023

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. “ To be clear, there was no Cloudflare breach.

DDOS 123

DDOS Cryptocurrency Accountability Media 123

Krebs on Security

DECEMBER 14, 2023

That reporting was based on clues from an early Russian cybercrime forum in which a hacker named Rescator — using the same profile image that Rescator was known to use on other forums — claimed to have originally been known as “Helkern,” the nickname chosen by the administrator of a cybercrime forum called Darklife.

Cybercrime 232

Cybercrime Accountability Advertising Computers and Electronics 232

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. These services, too, have been outsourced.

Cybercrime 140

Cybercrime Banking Malware Ransomware 140

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. Cracking down hard on the cybercrime world.

Cryptocurrency 112

Cryptocurrency Banking Cybercrime Ransomware 112

Security Affairs

JANUARY 4, 2023

Researchers discovered a new Linux malware developed with the shell script compiler ( shc ) that was used to deliver a cryptocurrency miner. “Typical attacks that target Linux SSH servers include brute force attacks and dictionary attacks on systems where account credentials are poorly managed. ” concludes the report.

Malware 90

Malware DDOS Cryptocurrency Firewall 90

Security Affairs

JUNE 15, 2022

Credit card details related to an account balance of up to 5,000 has an average price of $120, which is exactly 50% of the price for the same item observed in 2021. The huge interest in cryptocurrency is keeping high the price of crypto accounts. verified account goes for $170 ($710 in 2021). 50 in 2021). 50 in 2021).

Identity Theft 90

Identity Theft Accountability DDOS Cybercrime 90

Security Affairs

AUGUST 27, 2023

military procurement system Spoofing an Apple device and tricking users into sharing sensitive data Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program N.

Cybercrime 74

Cybercrime Hacking Cryptocurrency Ransomware 74

Security Affairs

AUGUST 12, 2023

Lolek Hosted is a bulletproof hosting service provider used to facilitate the distribution of information-stealing malware, and also to launch DDoS (distributed denial of service) attacks, manage fictitious online shops, manage botnet servers and distribute spam messages worldwide. A joint operation conducted by European and U.S.

Cybercrime 72

Cybercrime DDOS Ransomware Cryptocurrency 72

Security Affairs

JULY 30, 2018

Security experts from Kaspersky Lab have spotted a new cryptocurrency miner dubbed PowerGhost that can spread leveraging a fileless infection technique. Then the malware uses the Mimikatz tool to get the user account credentials from the machine and use it to attempt lateral movements inside the target network. “ Propagation.

Cryptocurrency 43

Cryptocurrency DDOS Advertising Malware 43

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3

Cryptocurrency 79

Cryptocurrency Data breaches DNS DDOS 79

Security Affairs

MAY 20, 2020

The man is known in the cybercrime underground for selling billions of stolen credentials. Sanix has been active on the cybercrime underground at least since 2018, he focuses in the sale of stolen data from organizations. The popular hacker Sanix has been arrested by the Ukrainian Secret Service (SSU).

Cybercrime 59

Cybercrime Passwords Advertising Hacking 59

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ” Presentation – [PDF].

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

Security Affairs

JUNE 4, 2021

A person’s credit card details and account balance are sold for 150 USD if the account balance is under 1000 USD, but 240 if it is under 5000 USD. Stolen Paypal account details, Neteller, PerfectMoney, TransferGo, and other payment services are also on the list. An American Express, though, is 35 USD. What about services?

Accountability 106

Accountability Marketing Hacking Cryptocurrency 106

Security Affairs

MARCH 19, 2023

Kaspersky released a new decryptor for Conti-based ransomware US govt agencies released a joint alert on the Lockbit 3.0 Kaspersky released a new decryptor for Conti-based ransomware US govt agencies released a joint alert on the Lockbit 3.0

DDOS 76

DDOS Ransomware Phishing Cryptocurrency 76

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. They are a big headache for eCommerce businesses today, with cybercriminals using them to steal money, brute-force user credentials or carry out DDoS attacks.

Cryptocurrency 57

Cryptocurrency Social Engineering eCommerce Engineering 57

Threatpost

FEBRUARY 18, 2020

Scam threatens to flood sites using Google’s banner-ad program with bot and junk traffic if owners don’t pay $5K in bitcoin.

Accountability 101

Accountability Scams DDOS Cryptocurrency 101

Security Affairs

NOVEMBER 20, 2021

U.S. (..)

Banking 65

Banking Small Business Data breaches Firmware 65

SecureList

NOVEMBER 23, 2023

Cybercriminals continued targeting gamers’ accounts filled with valuable in-game items or giving access to games on several devices, and often used in-game currency to lure victims to participate in their scams. There are two main reasons for that: political pressure and DDoS attacks.

VPN 97

VPN Scams Education Internet 97

SiteLock

AUGUST 27, 2021

This makes stealthy attacks incredibly popular in the cybercrime community. If your site experiences a URL redirect — which accounts for 17% of all malware infections — you might see a brief decrease in traffic as your visitors land on another site. Cybercriminals won’t become complacent, and that means you shouldn’t, either.

Small Business 98

Small Business Cybersecurity Phishing DDOS 98

Security Affairs

JANUARY 23, 2022

from the Lympo NTF platform.

VPN 74

VPN Ransomware Spyware DDOS 74

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. Lapsus$ group hacks Okta.

Phishing 110

Phishing Spyware Firmware Malware 110

eSecurity Planet

NOVEMBER 2, 2022

In July 2001, the Code Red Worm attempted to subject the entire Internet to a distributed denial of service (DDoS) attack. Eventually, the infected computers were all directed to attempt a DDoS specifically on whitehouse.gov, though the White House managed to sidestep the assault. Welcome to [link] Hacked By Chinese!”.

Malware 140

Malware Ransomware Antivirus Internet 140

Security Affairs

APRIL 4, 2021

If you want to receive the complete weekly Security Affairs Newsletter for free, including the international press, subscribe here.

Ransomware 68

Ransomware Hacking DDOS Cryptocurrency 68

SecureList

JULY 28, 2022

We found links to previously observed cybercrime activities, new, formerly unknown samples used by the attackers during post-exploitation activities, a wealth of recent information about C2 infrastructure and the latest samples distributed to compromise victims. Based on the domain naming scheme, we call this campaign NaiveCopy.

Malware 136

Malware Firmware Phishing Cryptocurrency 136

SecureList

MAY 12, 2021

Botmasters and account resellers are tasked with providing initial access inside the victim’s network. Finally, negotiations with the victims may be handled by yet another team and when the ransom is paid out, a whole new set of skills is needed to launder the cryptocurrency obtained. Access sellers. Through the market lanes.

Ransomware 129

Ransomware Encryption Malware Cybercrime 129

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. Although there was a public report of drones used to hack a Wi-Fi network in 2022, there are no accounts of similar events happening in 2023.

Hacking 109

Hacking Energy and Utilities Media Malware 109

Malwarebytes

MAY 21, 2023

ChatGPT can be trained to identify and mitigate network security threats like DDoS attacks when used in conjunction with other technologies. One user commanded the AI to destroy humanity, and it planned a nuclear winter , all while maintaining its own Twitter account, which was ultimately suspended.

Cybersecurity 77

Cybersecurity Artificial Intelligence Social Engineering Engineering 77

Security Boulevard

MAY 10, 2022

Data supporting the idea that Moscow employs troll farms and fake social media accounts to push specific anti-Western/anti-Ukranian narratives, as it previously did during the annexation of Crimea and a US Presidential election. ( 1 ). ( 9 ). Outcome #5: Russia Co-ops Cybercriminal Organization to Fundraise.

Government 52

Government Media Technology Cybercrime 52

eSecurity Planet

OCTOBER 21, 2022

This note will provide instructions on how to pay the ransom, usually through difficult-to-trace means like cryptocurrency. The Ransom Note: The ransomware notifies its victims of the infection via a.txt file on the infected device or a pop-up.

Malware 75

Malware Adware Spyware Antivirus 75