Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. The post Sophos linked Entropy ransomware to Dridex malware. ” reads a report published by Sophos. .

Ransomware 115

Ransomware Malware Cybercrime Banking 115

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The malware drops ransom notes ( macaw_recover.txt ) in each folder, the ransom note includes the link to a unique victim negotiation page. macaw extension to the file name of the encrypted files.

Ransomware 143

Ransomware Cybercrime Banking Encryption 143

SecureList

JUNE 26, 2023

We then ran these software names against Kaspersky Security Network (KSN)* telemetry to find out how much malware and unwanted software was distributed under the guise of these applications. They can run other malware on the system, elevate the attackers’ privileges, cause the target application to crash and so on.

Cybercrime 121

Cybercrime Phishing Banking Malware 121

Security Affairs

OCTOBER 27, 2021

The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007. Evil Corp has recently launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments.

Ransomware 141

Ransomware Banking Cybercrime Hacking 141

Threatpost

DECEMBER 9, 2019

Since 2007, the two allegedly operated a cybercrime ring called "Bayrob Group.".

Cybercrime 57

Cybercrime Malware Government Hacking 57

Security Affairs

APRIL 14, 2019

The malware was developed to steal credentials, financial data, personal information, then the crooks offered them on the dark web marketplaces. The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. Gaughan in the Northern District of Ohio.

Cryptocurrency 111

Cryptocurrency Identity Theft Advertising Accountability 111

Security Affairs

OCTOBER 24, 2020

Researchers from the NCC Group’s report and later Symantec confirmed that malware was developed by the Russian cybercrime crew known as Evil Corp , which was behind the Dridex Trojan , and multiple ransomware like Locky , Bart, Jaff , and BitPaymer. This group has been active since at least 2007, in December 2019, the U.S.

Ransomware 126

Ransomware Telecommunications Banking Advertising 126

Security Affairs

NOVEMBER 3, 2020

“As reflected in court documents, from 2007 through 2019, Brovko worked closely with other cybercriminals to monetize vast troves of data that had been stolen by “botnets,” or networks of infected computers. Brovko was involved in the illegal practice between 2007 and 2019. ” reads the press release published by the DoJ.

Accountability 124

Accountability Banking Advertising Data collection 124

CyberSecurity Insiders

NOVEMBER 8, 2022

BitDefender Mobile Security feature assists customers in protecting against malware spread and phishing scams. NOTE 1- Sold with the name as SOFTWIN between 1996 to 2001, the software company was renamed as Bitdefender in the year 2007.

Mobile 101

Mobile Antivirus VPN IoT 101

Quick Heal Antivirus

NOVEMBER 11, 2022

QBot, also known as Qakbot, QuackBot, and Pinkslipbot, is a Banking Trojan that was first observed in 2007. The post QBOT – A HTML Smuggling technique to target victims appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Banking 111

Banking Phishing Cybercrime Ransomware 111

Security Affairs

DECEMBER 1, 2020

The experts warn that nation-state actors are adopting TTPs associated with cybercrime gangs to make it hard the attack attribution. ” According to Microsoft, the APT group started using the crypto-mining malware to trick the defense staff of the targets into believing their attacks are not highly targeted intrusions. .

Cryptocurrency 138

Cryptocurrency Antivirus Manufacturing Government 138

Security Affairs

OCTOBER 21, 2022

A new variant of the popular Ursnif malware is used as a backdoor to deliver next-stage payloads and steal sensitive data. Mandiant researchers warn of a significant shift from Ursnif ‘s original purpose, the malware initially used in banking frauds is now used to deliver next-stage payloads and steal sensitive data.

Banking 98

Banking Malware Hacking Ransomware 98

Security Affairs

AUGUST 6, 2023

.” Once the investigation will be completed, CDHE will notify impacted by mail or email. CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months. At the time of this writing, no ransomware group has claimed responsibility for the security breach.

Education 98

Education Data breaches Ransomware Hacking 98

Security Affairs

JULY 20, 2023

The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Both malware relies on modules that are downloaded after the apps are installed to exfiltrate data from the infected devices. government. ” reads the report published by Lookout.

Spyware 98

Spyware Surveillance Mobile Malware 98

SecureList

NOVEMBER 26, 2021

The PyInstaller module for Windows contains a script named “Guard” Interestingly, this malware was developed for both Windows and macOS operating systems. The malware tries to spread to other hosts on the network by infecting USB drives. After this, they were tricked into downloading previously unknown malware.

Malware 134

Malware Banking Energy and Utilities Accountability 134

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. since Q3 of 2007. Malware like SharkBot can record your keystrokes and browser cookies to steal logins, ransomware can block access to data until victims pay the hackers their requested fee, hijack Internet browsers, and so much more. billion in reported losses. Business targets.

Social Engineering 120

Social Engineering Energy and Utilities Phishing Internet 120

Malwarebytes

OCTOBER 24, 2022

Threat hunting is all about nipping stealthy attackers (and malware) in the bud. Hiep has been threat hunting for a while—since 2007, in fact. That includes SOC work, forensics, malware analysis, and more, each of which Hiep feels has over the years given him a leg-up in the world of threat hunting. More MDR resources.

Cyber threats 89

Cyber threats Cybersecurity Antivirus Technology 89

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. According to Rezvesz himself, he is no stranger to the Canadian legal system.

Advertising 267

Advertising Malware Software Marketing 267

Malwarebytes

JULY 21, 2021

In the context of cybercrime though, ZeuS (aka the Zbot Trojan) is a once-prolific malware that could easily be described as one of a handful of information stealers ahead of its time. Collectively, this malware and its variants infected millions of systems and stole billions of dollars worldwide. Is ZeuS dead?

Banking 133

Banking Malware Encryption Ransomware 133

ForAllSecure

JULY 6, 2022

Mikko Hypponen joins The Hacker Mind to discuss cybercrime unicorns, the fog of cyber war that surrounds the Ukrainian war with its much larger neighbor, and of course Mikko’s new book, If it’s Smart, it’s Vulnerable. Hypponen: Alright, original sea change for monetizing malware was 2003.

Cybercrime 40

Cybercrime Government Ransomware Hacking 40

Security Affairs

FEBRUARY 18, 2025

Threat actors targeted Japanese companies in the manufacturing, materials, and energy sectors and used an enhanced version of “Winnti malware.” ” The APT group was first spotted by Kaspersky in 2013, but according to the researchers,the gang has been active since 2007. ” reads the report.

Malware 126

Malware Manufacturing Engineering Encryption 126