2007, Cryptocurrency, Malware and Phishing

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking

Hacking Malware Ransomware Government

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Software Cryptocurrency Financial Services

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41 was known to hide its malware inside fake resumes that were sent to targets.

Antivirus

Antivirus Hacking Government Software

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. Both clusters served as a C&C server.

Cryptocurrency

Cryptocurrency Social Engineering Media Phishing

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

SEPTEMBER 14, 2022

As a matter of fact, the most-reported crime in the 2021 Internet Crime Report report was phishing , a social engineering scam wherein the victim receives a deceptive message from someone in an attempt to get the victim to reveal personal information or account credentials or to trick them into downloading malware. since Q3 of 2007.

Social Engineering

Social Engineering Energy and Utilities Phishing Scams

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

The attack chain starts with COVID19-themed spear-phishing messages that contain either a malicious Word attachment or a link to one hosted on company servers. . “Once the malicious document is opened, the malware is dropped and proceeds to the next stage of the deployment process.

Malware

Malware Cryptocurrency Password Management Encryption

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns. Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus , Cobalt Kitty , or APT32 , is deploying cryptocurrency miners while continues its cyberespionage campaigns.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

North Korean Lazarus APT stole credit card data from US and EU stores

Security Affairs

JULY 6, 2020

In the past, the APT targeted banks and cryptocurrency exchanges , according to the experts the overall operations allowed the group to earn $2 billion. Researchers were investigating e-skimming attacks when noticed that the malicious code was loaded from domains that were involved in spear-phishing campaign attributed to the Lazarus APT.

Retail

Retail Advertising Malware Cryptocurrency

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Security Affairs

APRIL 20, 2021

BMP) image files in a recent spear-phishing campaign targeting entities in South Korea. . Experts from Malwarebytes have uncovered a spear-phishing attack conducted by a North Korea-linked Lazarus APT group that obfuscated a malicious code within a bitmap (.BMP) North Korea-linked Lazarus APT group is abusing bitmap (.BMP)

Phishing

Phishing Hacking Cryptocurrency Malware

APT trends report Q1 2024

SecureList

MAY 9, 2024

Careto is a highly sophisticated threat actor that has been seen targeting various high-profile organizations since at least 2007. Our private report provided a detailed description of these activities, focusing on how the actor performed the initial infections, lateral movement, malware execution, and data exfiltration activities.

Malware

Malware Government DDOS Cryptocurrency

Cyber Security Informer

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Lazarus malware delivered to South Korean users via supply chain attacks

Trending Sources

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

North Korea-linked Lazarus APT targets the COVID-19 research

Financially motivated Earth Lusca threat actors targets organizations worldwide

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

North Korean Lazarus APT stole credit card data from US and EU stores

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

APT trends report Q1 2024

Stay Connected