2012, Cybercrime, Information Security and Malware

Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits

Security Affairs

JULY 8, 2021

Bitcoins on one of the cybercrime forums, he aims at purchasing zero-day exploits from other forum members. Bitcoins on one of the cybercrime forums with the intent to purchase zero-day Exploits from other forum members, researchers from threat intelligence firm Cyble. SecurityAffairs – hacking, cybercrime).

Cybercrime

Cybercrime Malware Hacking Information Security

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware

Malware Cybercrime Banking Hacking

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime

Cybercrime Banking Identity Theft Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Data breaches Advertising

Don’t trust links with known domains: BMW affected by redirect vulnerability

Security Affairs

JANUARY 3, 2024

They were used to access the internal workplace systems for BMW dealers and could have been useful to attackers for spear-phishing campaigns or malware distribution. SAP redirect vulnerability is a security issue that affects web application servers for SAP products (SAP NetWeaver Application Server Java).

Phishing

Phishing Manufacturing Firewall Cybercrime

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking

Banking Malware Advertising Passwords

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

Security Affairs

MARCH 10, 2023

The NetWire Remote Access Trojan (RAT) is available for sale on cybercrime forums since 2012, it allows operators to steal sensitive data from the infected systems. DomainTools further shows this email address was used to register one other domain in 2012: wwlabshosting[.]com, ” reads the press release published DoJ.

Malware

Malware Cybercrime Data breaches Internet

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Security Affairs

SEPTEMBER 19, 2021

Fahd was the mind behind a criminal scheme that begun in 2012 and that caused more than $200 million in losses to the company, according to DoJ, he continued his activity even after he became aware that law enforcement was investigating. SecurityAffairs – hacking, malware). ” reads the press release published by DoJ.

Hacking

Hacking Malware Cybercrime Information Security

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Security Affairs

SEPTEMBER 8, 2019

net), a popular hacking forum a place frequented by hackers, malware authors, scammers and cybercriminals. XakFor has been active since 2012, most of its visitors were Russian-speaking hackers and crooks. Not all the malware were authentic, some of them were cracked versions, while other s were backdoored. Pierluigi Paganini.

Advertising

Advertising Malware Cybercrime Hacking

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Security Affairs

MARCH 10, 2020

Necurs botnet is one of the largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. SecurityAffairs – malware, Necurs botnet). million spam messages to more than 40.6

Advertising

Advertising Malware Cybercrime Government

Lockbit ransomware gang claims to have breached the Italian Revenue Agency

Security Affairs

JULY 25, 2022

“From 1 December 2012 the Revenue Agency incorporated the Territory Agency (article 23-quater of Legislative Decree 95/2012).” The introduction of the bug bounty program made the headlines, it is the first ransomware gang asking cyber security experts to submit bugs in their malware to improve it.

Ransomware

Ransomware Government Scams Hacking

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation.

Ransomware

Ransomware Hacking Encryption Penetration Testing

A new Adwind variant involved in attacks on US petroleum industry

Security Affairs

OCTOBER 1, 2019

The malware is distributed via a malspam campaign, the spam messages come with malicious attachments or include URL to malicious content. Adwind is could infect all the major operating systems, including Windows, Mac, Linux, and Android, it is available in the cybercrime underground as a malware-as-a-service (MaaS) model.

Malware

Malware Advertising DDOS Cybercrime

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!Box Upon execution, the bot prints xXxSlicexXxxVEGA. to the console. If a botnet process already exists, the botnet client will and exit.

IoT

IoT DDOS Encryption Malware

Security Affairs newsletter Round 355

Security Affairs

FEBRUARY 28, 2022

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp? worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware.

Ransomware

Ransomware Malware Encryption Phishing

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11. Atom, Comodo Dragon, Torch, Comodo, Slimjet, 360Browser, 360 Secure Browser, Maxthon3, Maxthon5, Maxthon, QQBrowser, K-Meleon, Xpom, Lenovo Browser, Xvast, Go!

Password Management

Password Management Cryptocurrency Passwords Authentication

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Security Affairs

FEBRUARY 26, 2020

Researchers from Cybaze Yoroi ZLab have spotted a new campaign exploiting the interest in coronavirus (COVID-19) evolution to spread malware. It is not new for cyber-crooks to exploit social phenomena to spread malware in order to maximize the impact and dissemination of a malicious campaign. Introduction. Technical Analysis.

Cyber Attacks

Cyber Attacks Malware Social Engineering Advertising

Google provides rules to detect tens of cracked versions of Cobalt Strike

Security Affairs

NOVEMBER 21, 2022

The experts were able to locate versions of the Cobalt Strike JAR file starting with version 1.44 (which was released in 2012) up to the latest version at the time of publishing the analysis, Cobalt Strike 4.7. The researchers noticed that each Cobalt Strike version contains approximately 10 to 100 attack template binaries.

Penetration Testing

Penetration Testing Hacking Cybersecurity Cybercrime

US CISA appointed Kiersten Todt as new chief of staff

Security Affairs

SEPTEMBER 14, 2021

Between 2012 and 2016 she served as president and managing partner at cyber consulting firm Liberty Group Ventures. .” reads CISA’s announcement. Todt has been directing the Cyber Readiness Institute (CRI), a non-profit focused on developing cybersecurity tools for small businesses.

Small Business

Small Business Government Cybersecurity Hacking

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Cyber threats

Cyber threats Cyber Attacks Ransomware Manufacturing

A study on malicious plugins in WordPress Marketplaces

Security Affairs

AUGUST 30, 2022

The experts studied the evolution of CMS plugins in the production web servers dating back to 2012, to do this they developed an automated framework named YODA to detect malicious plugins. Post-deployment attacks infected $834K worth of previously benign plugins with malware.” Among these, $41.5K ” reads the research paper.

Backups

Backups Malware Technology Hacking

DeathStalker cyber-mercenary group targets the financial sector

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. ” continues the report.

Malware

Malware Hacking Advertising Cybercrime

Cyber Security Informer

Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Webinars

Trending Sources

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

Webinars

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Don’t trust links with known domains: BMW affected by redirect vulnerability

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Lockbit ransomware gang claims to have breached the Italian Revenue Agency

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

A new Adwind variant involved in attacks on US petroleum industry

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs newsletter Round 355

New Version of Meduza Stealer Released in Dark Web

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Google provides rules to detect tens of cracked versions of Cobalt Strike

US CISA appointed Kiersten Todt as new chief of staff

Growing Cyber Threats to the Energy and Industrial Sectors

A study on malicious plugins in WordPress Marketplaces

DeathStalker cyber-mercenary group targets the financial sector

Stay Connected