2014, Cryptocurrency and Ransomware - Cyber Security Informer

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Shefel claims his Sugar ransomware affiliate program was a bust, and never generated any profits.

Advertising

Advertising Retail Cryptocurrency Cybercrime

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. The research behind the discovery was released by Security Alliance , which tracked and analyzed the campaign.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Cryptocurrency

Cryptocurrency Financial Services Banking Government

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. A 2016 screen shot of the Joker’s Stash homepage. The links have been redacted. A screenshot of a website reviewing PM2BTC.

Cryptocurrency

Cryptocurrency Cybercrime Government Retail

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

JUNE 20, 2018

Cryptojacking, as defined by the Federal Trade Commission , is the use of JavaScript code to capture cryptocurrencies in users’ browsers without asking permission. Related: Why cryptojacking is more insidious than ransomware. LW: So cryptocurrency got discovered as the ideal payment vehicle for ransomware.

Cryptocurrency

Cryptocurrency Ransomware Passwords Malware

Sodinokibi Ransomware crew chooses Monero for ransom payments

Security Affairs

APRIL 13, 2020

The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched on Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies.

Ransomware

Ransomware Cryptocurrency Advertising Hacking

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms. ” continues the report.

Cryptocurrency

Cryptocurrency Malware Ransomware Cybercrime

The G7 expresses its concern over ransomware attacks

Security Affairs

OCTOBER 14, 2020

G7 Finance ministers expressed concern on Tuesday over the rise in ransomware attacks during the Covid-19 pandemic, including some involving cryptocurrencies. G7 Finance ministers warn of ransomware attacks that have been growing in scale, sophistication, and frequency over the past two years. ” continues the statement.

Ransomware

Ransomware Cryptocurrency Financial Services Banking

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

Coronavirus -themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. In this campaign, crooks are exploiting the interest in the Coronavirus (COVID-19) outbreak to deliver a couple of malware, the CoronaVirus Ransomware and the Kpot information-stealing Trojan.

Ransomware

Ransomware Cryptocurrency Advertising Malware

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

and Germany moved to decapitate “ Hydra ,” a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups. ” In Dragonfly’s second iteration between 2014 and 2017, the hacking group spear-phished more than 3,300 people at more than 500 U.S.

Marketing

Marketing Energy and Utilities Malware Ransomware

REvil Ransomware member win the auction for KPot stealer source code

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. KPOT source code up for sale! Pierluigi Paganini.

Ransomware

Ransomware Malware Advertising Cybercrime

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack.

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. Penchukov was arrested after leaving Ukraine to meet up with his wife in Switzerland.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Black Kingdom ransomware operators exploit Pulse VPN flaws

Security Affairs

JUNE 15, 2020

Black Kingdom ransomware operators are targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. Black Kingdom ransomware was first spotted in late February by security researcher GrujaRS. Black Kingdom ransomware was first spotted in late February by security researcher GrujaRS.

VPN

VPN Ransomware Advertising Encryption

SentinelOne released free decryptor for ThiefQuest ransomware

Security Affairs

JULY 8, 2020

Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. macOS ransomware #decryptor ( #EvilQuest )! |

Ransomware

Ransomware Encryption Malware InfoSec

Sodinokibi ransomware gang launches auction site to sell stolen data

Security Affairs

JUNE 3, 2020

REvil /Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. The Sodinokibi ransomware operators have launched an eBay-like auction site for stolen data where they plan to sell data stolen from the victims. SecurityAffairs – ransomware, cybersecurity).

Ransomware

Ransomware Advertising Cryptocurrency Malware

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 8, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. warn of PRC-linked cyber espionage targeting telecom networks U.S.

Artificial Intelligence

Artificial Intelligence Spyware Hacking Ransomware

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Security Affairs

APRIL 24, 2020

The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang. SecurityAffairs – Sodinokibi Ransomware, hacking).

Software

Software Ransomware VPN Advertising

IT threat evolution in Q3 2024. Non-mobile statistics

SecureList

NOVEMBER 29, 2024

More than 90,000 users experienced ransomware attacks. Nearly 18% of all victims published on ransomware gangs’ data leak sites (DLSs) had been hit by RansomHub. According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014.

Mobile

Mobile Adware Ransomware Malware

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines. ” reads a blog post published by Bleepingcomputer.

Encryption

Encryption Ransomware Cryptocurrency Passwords

Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs

Security Affairs

MAY 9, 2020

The Sodinokibi ransomware gang stolen gigabytes of legal documents from the law firm of the stars, Grubman Shire Meiselas & Sacks (GSMLaw). The Sodinokibi ransomware gang has published a screenshot of the folders they have stolen from the law firm. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Advertising Cryptocurrency

Could Your Company Survive a Ransomware Attack?

CyberSecurity Insiders

AUGUST 26, 2022

One of the most ruthless cyberattacks is a ransomware attack. What Is a Ransomware Attack? Ransomware is a cyberattack that uses malware – software created to infiltrate a computer system and damage or disrupt it. Ransomware attacks are about as old as the internet itself. What Companies Have Suffered These Attacks?

Ransomware

Ransomware Software Malware Education

Ukraine police and Binance dismantled a cyber gang behind $42M money laundering

Security Affairs

AUGUST 18, 2020

Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Computers and Electronics Cybercrime Digital transformation

U.S. DoJ charges Iranian duo over SamSam Ransomware activity

Security Affairs

NOVEMBER 29, 2018

DoJ charges two Iranian men over their alleged role in creating and spreading the infamous SamSam ransomware. Two Iranian men, Faramarz Shahi Savandi (34) and Mohammad Mehdi Shah Mansouri (27) have been charged by DoJ for their role in creating and distributing the dreaded SamSam ransomware. ” reads the DoJ indictment. .

Ransomware

Ransomware Encryption Advertising Backups

Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Security Affairs

MAY 1, 2019

Threat actors are exploiting a recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. Talos also noted that threat actors were exploiting the flaw to deliver the popular Gandcrab ransomware. “We Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Advertising Cryptocurrency Malware

Security Affairs newsletter Round 242

Security Affairs

DECEMBER 1, 2019

Livingston School District hit by a ransomware attack. Upbit cryptocurrency exchange hacked, crooks stole $48.5 A Ransomware infected the network of the cybersecurity firm Prosegur. Dutch National Cyber Security Centre warns ransomware infected thousands of businesses. Great Plains center hit by ransomware attack.

Advertising

Advertising Ransomware Cryptocurrency Government

US DoJ charges three members of the North Korea-linked Lazarus APT group

Security Affairs

FEBRUARY 17, 2021

Department of Justice charged Park over WannaCry and 2014 Sony Pictures Entertainment Hack. billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform.” sanctions.

Cryptocurrency

Cryptocurrency Banking Hacking Ransomware

Australian beverages firm Lion hit for the second time in a few days by a cyber attack

Security Affairs

JUNE 20, 2020

This is the second cyber attack is a few days, last week the systems at Lion were infected with the REvil ransomware and attackers demanded a ransom of reportedly $1 million last week. ” According to the media, the Lion’s IT staff is now focusing on defence efforts over restoration from the previous ransomware attack. .

Cyber Attacks

Cyber Attacks Media Advertising Manufacturing

Group-IB detects a series of ransomware attacks by OldGremlin

Security Affairs

SEPTEMBER 23, 2020

Researchers from threat hunting and intelligence firm Group-IB have detected a successful attack by a ransomware gang tracked as OldGremlin. Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has detected a successful attack by a ransomware gang, codenamed OldGremlin. Up-to-date phishing.

Ransomware

Ransomware Phishing Banking Advertising

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

The Russian citizen Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135 million euros using ransomware. The Russian man Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135M euros using ransomware. million withdrawn.

Advertising

Advertising Hacking Cybercrime Cryptocurrency

Thief pulls off colossal, $600m crypto-robbery …and gives the money back

Malwarebytes

AUGUST 11, 2021

Let’s start at the beginning… In an apparent scream for mercy, 21 hours ago the Poly Network Team reached out via Twitter to “hacker(s)” that had managed to transfer roughly $600 million in digital tokens out of its control and into separate cryptocurrency wallets. Gox theft in 2014. A rough time for cryptocurrencies.

Cryptocurrency

Cryptocurrency Scams Accountability Hacking

Security Affairs newsletter Round 270

Security Affairs

JUNE 28, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS

DDOS Spyware Advertising Healthcare

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

JANUARY 26, 2020

In September 2019, BleepingComputer reported the discovery of a new piece of malware that included references to the Ryuk Ransomware and that was used to steal files with filenames matching certain keywords. It is not clear if the malware was developed by the threat actors behind Ryuk Ransomware for data exfiltration.

Government

Government Banking Malware Ransomware

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs

AUGUST 15, 2020

XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks. The malware also implements ransomware behavior, it is able to encrypt files and display a ransom note. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Cryptocurrency

Security Affairs newsletter Round 207 – News of the week

Security Affairs

MARCH 31, 2019

PewDiePie ransomware oblige users subscribe to PewDiePie YouTube channel. How to get back files encrypted by the Hacked Ransomware for free. Android Trojan Gustuff capable of targeting more than 100 global banking apps, cryptocurrency and marketplace applications. Operation ShadowHammer – Supply-Chain attack hit ASUS users.

Cryptocurrency

Cryptocurrency Banking Malware Data breaches

FTX Collapse Highlights the Cybersecurity Risks of Crypto

eSecurity Planet

NOVEMBER 18, 2022

This involved using an “unsecured group email account as the root user to access confidential private keys and critically sensitive data for the FTX Group companies around the world…” About $740 million in cryptocurrency has been placed into new cold wallets. One way is through hijacking computer resources to mine cryptocurrencies.

Risk

Risk Cybersecurity Cryptocurrency Social Engineering

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, BeagleBoyz).

Banking

Banking Malware Advertising Hacking

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The report’s findings reveal that email remains the main method of delivering ransomware, banking Trojans, and backdoors. The revival of ransomware. Pierluigi Paganini.

Ransomware

Ransomware Antivirus Banking Malware

Security Affairs newsletter Round 260

Security Affairs

APRIL 19, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter, hacking). adrotate banner=”13″].

Scams

Scams Phishing Advertising DDOS

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Security Affairs

APRIL 5, 2019

.” Xwo code is similar to that the MongoLock, a family of ransomware that hit MongoDB servers and wipe their content, then demands the payment a ransom to recover the data. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms.

Internet

Internet Internet Passwords Malware

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Security Affairs

MAY 4, 2020

The attackers compromised the blogging platform to deploy a cryptocurrency miner, the intrusion took place on May 3, 2020. Threat actors could exploit the two vulnerabilities to install backdoors, miners, and ransomware in the compromised infrastructures. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Internet

Internet Internet Hacking Advertising

Documents Unsealed: North Korea's Global Hacking Campaign

SecureWorld News

FEBRUARY 18, 2021

And the targets in this case are widespread: banks, ATMs, cryptocurrency exchanges, online casinos, movie studios such as Sony Pictures, and theater chains such as AMC. Ransomware and Cyber-Enabled Extortion: Creation of the destructive WannaCry 2.0 million from an Indonesian cryptocurrency company in September 2018; and $11.8

Hacking

Hacking Cryptocurrency Computers and Electronics Banking

U.S. Offered $10M for Hacker Just Arrested by Russia

An Interview With the Target & Home Depot Hacker

Trending Sources

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

U.S. Indicts North Korean Hackers in Theft of $200 Million

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

Sodinokibi Ransomware crew chooses Monero for ransom payments

US officials charge two Chinese men for laundering cryptocurrency for North Korea

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

The G7 expresses its concern over ransomware attacks

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Actions Target Russian Govt. Botnet, Hydra Dark Market

REvil Ransomware member win the auction for KPot stealer source code

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Happy 13th Birthday, KrebsOnSecurity!

Black Kingdom ransomware operators exploit Pulse VPN flaws

SentinelOne released free decryptor for ThiefQuest ransomware

Sodinokibi ransomware gang launches auction site to sell stolen data

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

IT threat evolution in Q3 2024. Non-mobile statistics

STOP ransomware encrypts files and steals victim’s data

Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs

Could Your Company Survive a Ransomware Attack?

Ukraine police and Binance dismantled a cyber gang behind $42M money laundering

U.S. DoJ charges Iranian duo over SamSam Ransomware activity

Crooks exploit Oracle WebLogic flaw to deliver Sodinokibi Ransomware

Security Affairs newsletter Round 242

US DoJ charges three members of the North Korea-linked Lazarus APT group

Australian beverages firm Lion hit for the second time in a few days by a cyber attack

Group-IB detects a series of ransomware attacks by OldGremlin

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Thief pulls off colossal, $600m crypto-robbery …and gives the money back

Security Affairs newsletter Round 270

A new piece of Ryuk Stealer targets government, military and finance sectors

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs newsletter Round 207 – News of the week

FTX Collapse Highlights the Cybersecurity Risks of Crypto

North Korea-linked APT group BeagleBoyz targets banks

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs newsletter Round 260

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Documents Unsealed: North Korea's Global Hacking Campaign

Stay Connected