Cryptocurrency, DDOS, DNS and Malware - Cyber Security Informer

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Both PurpleFox and DirtyMoe are still active malware and gaining strength.”

DNS

DNS Cryptocurrency Internet Internet

Security Affairs newsletter Round 385

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3

Cryptocurrency

Cryptocurrency Data breaches DNS DDOS

FreakOut botnet target 3 recent flaws to compromise Linux devices

Security Affairs

JANUARY 19, 2021

The attacks aimed at compromising the tarted systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaign. Supports UDP and TCP packets, but also application layer protocols such as HTTP, DNS, SSDP, and SNMP Protocol packing support created by the attacker.

DDOS

DDOS DNS Malware Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Security Affairs newsletter Round 364 by Pierluigi Paganini

Security Affairs

MAY 8, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

IoT

IoT DNS Antivirus DDOS

Threat actors continue to exploit Log4j flaws in their attacks, Microsoft Warns

Security Affairs

JANUARY 5, 2022

Threat actors continue to attempt to exploit Apache Log4J vulnerabilities in their campaigns to deploy malware on target systems, Microsoft warns. We have observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks.”

DNS

DNS Malware DDOS Cryptocurrency

DDoS attacks in Q2 2021

SecureList

JULY 28, 2021

For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord server, where they discussed DDoS attacks. The bug was named TsuNAME.

DDOS

DDOS DNS IoT Marketing

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

Security Affairs

AUGUST 8, 2018

Ramnit is one of the most popular banking malware families in existence today, it was first spotted in 2010 as a worm, in 2011, its authors improved it starting from the leaked Zeus source code turning the malware into a banking Trojan. DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns).

Malware

Malware DNS Encryption Banking

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. While the resource was down, cryptocurrency newbies were invited to download a copy of Bitcoin Core via a torrenting service.

DDOS

DDOS Cryptocurrency Marketing Internet

DDoS attacks in Q4 2021

SecureList

FEBRUARY 10, 2022

Q4 2021 saw the appearance of several new DDoS botnets. In October, the botnet was upgraded with DDoS functionality. This is further evidence that the same botnets are often used for mining and DDoS. In some cases, DNS amplification was also used. The channel was created in June and went live in August 2021.

DDOS

DDOS Cryptocurrency Marketing Accountability

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware

Malware Adware Spyware Antivirus

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

Security Affairs

FEBRUARY 5, 2021

The TeamTNT hacker group has been employing a new piece of malware, dubbed Hildegard, to target Kubernetes installs. The hacking group TeamTNT has been employing a new piece of malware, dubbed Hildegard, in a series of attacks targeting Kubernetes systems. The malware deploys the XMRig mining tool to mine Monero cryptocurrency.

Malware

Malware DNS Cryptocurrency Internet

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce. The campaign has two goals: gathering information and stealing cryptocurrency. Roaming Mantis reaches Europe.

Phishing

Phishing Spyware Firmware Malware

APT trends report Q1 2022

SecureList

APRIL 27, 2022

Disclaimer: when referring to APT groups as Russian-speaking, Chinese-speaking or other-“speaking” languages, we refer to various artefacts used by the groups (such as malware debugging strings, comments found in scripts, etc.) Subsequently, DDoS attacks hit several government websites.

Malware

Malware Firmware Government Phishing

A week in security (April 12 – 18)

Malwarebytes

APRIL 19, 2021

Source: TechRadar) Cryptocurrency rewards platform Celsius Network disclosed a security breach exposing customer information that led to a phishing attack. Source: BleepingComputer) Threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to IcedID malware.

Artificial Intelligence

Artificial Intelligence Scams DDOS DNS

IT threat evolution in Q3 2022. Non-mobile statistics

SecureList

NOVEMBER 18, 2022

Attempts to run malware for stealing money from online bank accounts were stopped on the computers of 99,989 unique users. Number of users attacked by banking malware. In Q3 2022, Kaspersky solutions blocked the launch of at least one piece of banking malware on the computers of 99,989 unique users. Financial threats.

Mobile

Mobile Malware Ransomware IoT

Cyber Security Informer

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs newsletter Round 385

Webinars

Trending Sources

FreakOut botnet target 3 recent flaws to compromise Linux devices

Webinars

Security Affairs newsletter Round 364 by Pierluigi Paganini

Threat actors continue to exploit Log4j flaws in their attacks, Microsoft Warns

DDoS attacks in Q2 2021

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

DDoS attacks in Q4 2020

DDoS attacks in Q4 2021

Types of Malware & Best Malware Protection Practices

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

IT threat evolution Q1 2022

APT trends report Q1 2022

A week in security (April 12 – 18)

IT threat evolution in Q3 2022. Non-mobile statistics

Stay Connected