The Hacker News

APRIL 17, 2023

A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews.

Cybercrime 92

Cybercrime Malware Ransomware 92

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 108

Cybercrime Malware Backups Manufacturing 108

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 226

Malware Antivirus Cybercrime Hacking 226

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims.

Malware 298

Malware Identity Theft Cybercrime Accountability 298

Security Affairs

NOVEMBER 23, 2023

Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign. Atomic Stealer (AMOS) macOS information stealer is now being delivered via a fake browser update chain tracked as ClearFake, Malwarebytes researchers warn.

Social Engineering 117

Social Engineering Passwords Malware Engineering 117

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Alla Witte’s personal website — allawitte[.]nl

Cybercrime 319

Cybercrime Ransomware Passwords Banking 319

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 209

Malware VPN Internet Internet 209

SecureWorld News

JULY 27, 2023

A new study from Uptycs has uncovered an increase in the distribution of information stealing malware. The 17-page report has a wealth of information, including the impact of stealers, the lifecycle of a stealer, the workflow of a stealer, and statistics around the stealers trending in 2023.

Malware 67

Malware Social Engineering Passwords Spyware 67

Bleeping Computer

JUNE 18, 2023

A new information-stealing malware named 'Mystic Stealer,' has been promoted on hacking forums and darknet markets since April 2023, quickly gaining traction in the cybercrime community. [.]

Malware 118

Malware Cybercrime Marketing Hacking 118

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. law enforcement agents in connection with various cybercrime investigations. FLATTENING THE CURVE.

Cybercrime 243

Cybercrime DDOS Advertising Hacking 243

Security Affairs

NOVEMBER 22, 2022

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire.

Cybercrime 96

Cybercrime Malware Cryptocurrency Advertising 96

SecureWorld News

AUGUST 16, 2023

Having your personal information involved in some type of cybersecurity incident or data breach is never fun. But how would you feel if those same hackers that exposed your information suddenly had theirs exposed? Hudson Rock's research delved deep into the underbelly of the cyber world, focusing on the top 100 cybercrime forums.

Cybercrime 72

Cybercrime Passwords Data collection Data breaches 72

Malwarebytes

SEPTEMBER 15, 2023

The report follows the Internet Organized Crime Assessment (IOCTA), Europol’s assessment of the cybercrime landscape and how it has changed over the last 24 months. These groups work closely with other malware-as-a-service groups to compromise high-revenue targets and post huge ransom demands, running into millions of Euros.

Cybercrime 114

Cybercrime Ransomware DDOS Backups 114

Krebs on Security

MARCH 12, 2020

Recently, however, cybercrooks have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software. As long as this pandemic remains front-page news, malware purveyors will continue to use it as lures to snare the unwary.

Malware 364

Malware Passwords Cybercrime Software 364

Security Affairs

OCTOBER 22, 2023

Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., WithSecure researchers linked the recent attacks using the DarkGate malware to a Vietnamese cybercrime group previously known for the usage of Ducktail stealer. ” reads the report published by WithSecure.

Malware 110

Malware Cybercrime Hacking Information Security 110

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. is cybercrime forum.

Malware 320

Malware Cybercrime Ransomware Marketing 320

SecureList

JUNE 28, 2023

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.

Malware 141

Malware Cybercrime Phishing Ransomware 141

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. But on Sept. defense contractors. But on Sept. defense contractors.

Cybercrime 293

Cybercrime Passwords Authentication Malware 293

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re

Malware 263

Malware Cybercrime Internet Internet 263

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime 94

Cybercrime Malware Phishing Internet 94

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware 279

Malware Banking Phishing DDOS 279

CyberSecurity Insiders

JUNE 26, 2023

AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. The content of this post is solely the responsibility of the author.

Cybercrime 100

Cybercrime Social Engineering Ransomware Phishing 100

Security Affairs

APRIL 15, 2022

ZingoStealer is a new information-stealer developed by a threat actor known as Haskers Gang who released it for free after they attempted to sell the source code for $500. The cybercrime gang has been active since at least January 2020. SecurityAffairs – hacking, cybercrime). ” concludes the experts. Pierluigi Paganini.

Cybercrime 88

Cybercrime Malware Cryptocurrency Hacking 88

The Hacker News

OCTOBER 20, 2023

A new information stealer named ExelaStealer has become the latest entrant to an already crowded landscape filled with various off-the-shelf malware designed to capture sensitive data from compromised Windows systems.

Cybercrime 122

Cybercrime Malware 122

CyberSecurity Insiders

JANUARY 3, 2023

The use of “wiper” malware will proliferate, erasing data from government and critical infrastructure systems as well as mobile phones. Originally intended to help companies erase data from company devices – a security technology – wiper software has morphed into wiper malware.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: spur.us.

Malware 241

Malware Passwords Accountability Advertising 241

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 121

Cybercrime Ransomware DDOS Encryption 121

Security Affairs

APRIL 27, 2024

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. ” reads the report published by ThreatFabric.

Malware 111

Malware Spyware Authentication Mobile 111

SecureWorld News

MARCH 29, 2024

Malvertising acts as a vessel for malware propagation. Scammers and malware operators are increasingly adept at mimicking popular brands in their ad snippets, which makes it problematic for the average user to tell the wheat from the chaff. A stepping stone to impactful cybercrime This tactic has tangible real-world implications.

Cybercrime 86

Cybercrime Advertising Engineering Antivirus 86

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. The INTERPOL published more than 20 notices were published based on information relating to Operation HAECHI-II and identified 10 new fraudulent schemes. Pierluigi Paganini.

Cybercrime 112

Cybercrime Scams Banking Malware 112

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 109

Malware Cryptocurrency Accountability Cybercrime 109

CSO Magazine

APRIL 18, 2023

Security researchers warn of a new malware loader that's used as part of the infection chain for the Aurora information stealer. The Aurora infostealer is written in Go and is operated as a malware-as-a-service platform that's advertised on Russian-language cybercrime forums.

Malware 120

Malware Cryptocurrency Cybercrime Advertising 120

Identity IQ

MAY 15, 2023

Juice Jacking: The Latest Cyber Threat to Your Personal Information and Devices IdentityIQ Juice jacking, a new cybercrime trend, is targeting people who charge their phones or tablets at public charging stations. To execute juice jacking, cybercriminals install malware or other malicious software on a public charging station.

Cyber threats 98

Cyber threats Identity Theft Malware Insurance 98

Heimadal Security

NOVEMBER 23, 2022

Threat actors are increasingly using a new information stealer known as “Aurora”, written in the Go programming language to exfiltrate data directly from disks, load additional payloads and steal sensitive information from browsers and crypto apps.

Malware 92

Malware Cybercrime Cybersecurity 92

Security Affairs

APRIL 12, 2024

TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware.

Malware 105

Malware Social Engineering Retail Engineering 105

The Hacker News

DECEMBER 26, 2022

The pay-per-install (PPI) malware downloader service known as PrivateLoader is being used to distribute a previously documented information-stealing malware dubbed RisePro. A C++-based malware,

Malware 91

Malware Cybercrime Marketing 91

Heimadal Security

OCTOBER 26, 2022

A recent federal indictment charges Mark Sokolovsky, a Ukrainian national, for partaking in the Raccoon Infostealer worldwide cybercrime operation, which corrupted millions of computers around the world with malware. Raccoon Stealer is a Trojan that steals information, deployed using the MaaS (malware-as-a-service) approach.

Malware 112

Malware Cybercrime Cybersecurity 112