2007, Cryptocurrency, Hacking and Malware

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking

Hacking Malware Ransomware Government

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack.

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. Image: FBI.

Antivirus

Antivirus Hacking Government Software

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Software Cryptocurrency Financial Services

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

. “Once the malicious document is opened, the malware is dropped and proceeds to the next stage of the deployment process. The ThreatNeedle malware used in this campaign belongs to a malware family known as Manuscrypt, which belongs to the Lazarus group and has previously been seen attacking cryptocurrency businesses.”

Malware

Malware Cryptocurrency Password Management Encryption

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value targets such as government and educational institutions, religious movements, pro-democracy and human rights organisations in Hong Kong, Covid-19 research organisations, gambling and cryptocurrency companies, and the media.

Cryptocurrency

Cryptocurrency Social Engineering Media Phishing

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns. Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus , Cobalt Kitty , or APT32 , is deploying cryptocurrency miners while continues its cyberespionage campaigns.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

SEPTEMBER 13, 2019

The US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The US Treasury sanctions on three North Korea-linked hacking groups, the Lazarus Group , Bluenoroff , and Andarial. SecurityAffairs – North Korea, hacking). ” continues the US Treasury. .

Cyber Attacks

Cyber Attacks Cryptocurrency Hacking Banking

Romanian duo convicted of fraud Scheme infecting 400,000 computers

Security Affairs

APRIL 14, 2019

The malware was developed to steal credentials, financial data, personal information, then the crooks offered them on the dark web marketplaces. The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. Gaughan in the Northern District of Ohio.

Cryptocurrency

Cryptocurrency Identity Theft Advertising Accountability

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

In the past, the APT targeted banks and cryptocurrency exchanges , according to the experts the overall operations allowed the group to earn $2 billion. “Sansec has found proof of global skimming activity that has multiple, independent links to previously documented, North Korea attributed hacking operations. Pierluigi Paganini.

Retail

Retail Advertising Malware Cryptocurrency

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

Security Affairs

APRIL 11, 2019

The activity of the Lazarus Group (aka BlueNoroff and Hidden Cobra ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. Seven of these files are proxy applications that mask traffic between the malware and the remote operators.

Malware

Malware Advertising Cryptocurrency Passwords

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Security Affairs

APRIL 20, 2021

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Phishing

Phishing Hacking Cryptocurrency Malware

Experts link attack on Chilean interbank network Redbanc NK Lazarus APT

Security Affairs

JANUARY 16, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack.

Malware

Malware Banking Media Advertising

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Banking

Banking Malware Advertising Hacking

North Korea-linked Lazarus APT uses first Mac malware in cryptocurrency exchange attack

Security Affairs

AUGUST 24, 2018

North Korea-linked Lazarus APT group leveraged for the first time on a MacOS variant of the Fallchill malware in a cryptocurrency exchange attack. According to Kaspersky, the North Korea-linked Lazarus group used a macOS malware to target a cryptocurrency exchange in a recent attack.

Cryptocurrency

Cryptocurrency Malware Advertising Software

APT trends report Q1 2024

SecureList

MAY 9, 2024

Careto is a highly sophisticated threat actor that has been seen targeting various high-profile organizations since at least 2007. Our private report provided a detailed description of these activities, focusing on how the actor performed the initial infections, lateral movement, malware execution, and data exfiltration activities.

Malware

Malware Government DDOS Cryptocurrency

Cyber Security Informer

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Trending Sources

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Lazarus malware delivered to South Korean users via supply chain attacks

North Korea-linked Lazarus APT targets the COVID-19 research

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Financially motivated Earth Lusca threat actors targets organizations worldwide

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

The US Treasury placed sanctions on North Korea linked APT Groups

Romanian duo convicted of fraud Scheme infecting 400,000 computers

North Korean Lazarus APT stole credit card data from US and EU stores

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Experts link attack on Chilean interbank network Redbanc NK Lazarus APT

North Korea-linked APT group BeagleBoyz targets banks

North Korea-linked Lazarus APT uses first Mac malware in cryptocurrency exchange attack

APT trends report Q1 2024

Stay Connected