Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime 91

Cybercrime Banking Identity Theft Hacking 91

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware 87

Malware Cybercrime Banking Software 87

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime 220

Cybercrime Advertising IoT Malware 220

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. banking Trojan and was used to spread Zeus-like banking trojan (i.e.

Malware 132

Malware Banking Software Cybercrime 132

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Experts pointed out that the malware is being actively developed. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. LFI CVE-2018-16763 Fuel CMS 1.4.1

Malware 141

Malware DDOS IoT Cybercrime 141

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. Pierluigi Paganini.

Malware 107

Malware Banking Cryptocurrency Cybercrime 107

Security Affairs

OCTOBER 15, 2019

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past , has now using news tactics to evade detection. Pierluigi Paganini.

Cybercrime 63

Cybercrime DNS Malware Advertising 63

Security Affairs

OCTOBER 25, 2022

Researchers reported that threat actors used 2 PoS malware variants to steal information about more than 167,000 credit cards. Cybersecurity firm Group-IB discovered two PoS malware to steal data associated with more than 167,000 credit cards from point-of-sale payment terminals. MajikPOS is written using the “.NET

Malware 80

Malware Cybercrime Banking Marketing 80

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware 136

Malware Advertising Passwords Cryptocurrency 136

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware 100

Malware Ransomware Advertising Encryption 100

Security Affairs

NOVEMBER 15, 2021

The FBI collected millions of email addresses used by Emotet operators in their malware campaigns as part of the cleanup operation. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Malware tracking non-profit organization Abuse.ch ” reported GData.

Malware 121

Malware Banking Hacking Ransomware 121

Security Affairs

DECEMBER 30, 2019

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. It will only serve to stifle global efforts to combat cybercrime.”

Cybercrime 60

Cybercrime Surveillance Spyware Government 60

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. In 2018, global malware volume recorded by SonicWall hit a record-breaking 10.52 Most of the attacks targeted non-standard ports and experts observed a spike in the number of encrypted malware.

IoT 84

IoT Encryption Malware Advertising 84

Security Affairs

AUGUST 1, 2020

A 30-year-old Moldovan man pleaded guilty this week for creating the FastPOS malware that infected PoS systems worldwide. The Moldovan citizen Valerian Chiochiu (30), aka Onassis, pleaded guilty on Friday for creating the infamous FastPOS Point-of-Sale (POS) malware. and infraud.ws. Chiochiu will be sentenced on December 11.

Malware 72

Malware Advertising Cybercrime Hacking 72

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The activity of the TheMoon botnet was first spotted in 2014, and since 2017 its operators added to the code of the bot at least 6 IoT device exploits.

IoT 122

IoT Cybercrime Internet Internet 122

Security Affairs

NOVEMBER 4, 2020

KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. The KPOT Stealer was written in C/C++, it was offered in the cybercrime underground as a Malware-as-a-Service (MaaS).

Ransomware 136

Ransomware Malware Advertising Cybercrime 136

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The Agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware. Pierluigi Paganini.

Malware 65

Malware Passwords Advertising Antivirus 65

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking 102

Banking Malware Advertising Passwords 102

Security Affairs

NOVEMBER 12, 2019

The analysis of a malicious email revealed a possible raising interest of the TA505 cybercrime gang in system integrator companies. The two Macros decoded a Javascript payload acting as a drop and execute by using a well-known strategy as described in: “ Frequent VBA Macros used in Office Malware ”. Introduction. 66.133.129.5)

Cybercrime 42

Cybercrime Computers and Electronics Penetration Testing Malware 42

Security Affairs

FEBRUARY 14, 2020

US store chain Rutter disclosed a security breach, 71 locations were infected with a point-of-sale (POS) malware used to steal customers’ credit card information. convenience store, fast food restaurant, and gas station chain owner, has disclosed a security breach. The Rutter’s , a U.S.

Malware 106

Malware Identity Theft Advertising Cybersecurity 106

Security Affairs

OCTOBER 18, 2020

Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK. The macros download and execute the FRIENDSPEAK code, which in turn downloads the MIXLABEL malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 131

Ransomware Malware Telecommunications Advertising 131

Security Affairs

FEBRUARY 2, 2020

Security experts from Microsoft have uncovered an ongoing p hishing campaign launched by the TA505 cybercrime gang (aka Evil Corp ) that is employing attachments featuring HTML redirectors for delivering malicious Excel docs. In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs.

Malware 77

Malware Security Intelligence Banking Phishing 77

Security Affairs

MAY 30, 2022

Agent Tesla , first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from its operators’ targets. SecurityAffairs – hacking, cybercrime).

Cybercrime 124

Cybercrime Malware Hacking Cybersecurity 124

Security Affairs

OCTOBER 20, 2019

TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. Pierluigi Paganini.

Cybercrime 43

Cybercrime Advertising Retail Banking 43

Security Affairs

FEBRUARY 1, 2020

Security researchers warn of malspam campaigns aimed at spreading malware that exploit s media attention on the coronavirus epidemic. Recently, coronavirus is monopolizing media attention, users online are searching for information about the virus and the way it is rapidly spreading worldwide.

Malware 91

Malware Media Banking Advertising 91

Security Affairs

MARCH 17, 2020

The experts were able to identify the man, his name is Bill Henry (25) from Benin City, Nigeria, his criminal activity include the theft of credit cards, phishing and malware attacks. Over the years, Dton also started a new prolific activity buying tools to launch malspam campaigns aimed at distributing custom-built info-stealing malware.

Cybercrime 103

Cybercrime Malware Advertising Phishing 103

Security Affairs

SEPTEMBER 6, 2022

Researchers discovered a previously undocumented software control panel, named TeslaGun, used by a cybercrime gang known as TA505. Researchers from cybersecurity firm PRODAFT have discovered a previously undocumented software control panel, tracked as TeslaGun, used by a cybercrime group known as TA505.

Cybercrime 92

Cybercrime Banking Malware Retail 92

Security Affairs

SEPTEMBER 22, 2020

The Wall Street Market marketplace was considered one of the most important points of aggregation in the cybercrime underground for trading in cocaine, heroin, cannabis and amphetamines as well as digital goods (i.e. stolen data, malware, and fake documents). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime 131

Cybercrime Advertising Marketing Internet 131

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Today was only about a dozen replychain and nothing else.

Malware 124

Malware Passwords Advertising Cybercrime 124

Security Affairs

AUGUST 13, 2020

A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker has leaked online the databases of Utah-based gun exchange for free on a cybercrime forum. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 138

Hacking Data breaches Cybercrime Passwords 138

Security Affairs

APRIL 17, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Experts pointed out that the malware is being actively developed. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014.

DDOS 134

DDOS Architecture Malware Cybercrime 134

Security Affairs

JANUARY 8, 2023

Experts warn of a new variant of the Dridex banking malware that is targeting systems using the macOS operating system. Trend Micro experts discovered a new variant of the Dridex banking malware that targets the MacOS platform and that used a new technique to deliver documents embedded with malicious macros. doc” command.

Banking 94

Banking Malware Social Engineering Cybercrime 94

Security Affairs

NOVEMBER 4, 2020

According to BleepingComputer, in July, systems at the toymaker were infected with the TrickBot malware which was used by several cybercrime gangs to deliver malware like Ryuk or Conti. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, malware).

Ransomware 110

Ransomware Retail Advertising Malware 110

Security Affairs

MARCH 24, 2020

ch launched the MalwareBazaar service, a malware repository to allow experts to share known malware samples and related info. ch launched a malware repository, called MalwareBazaar , to allow experts to share known malware samples and related analysis. Malware batches are available for download on a daily base.

Malware 52

Malware Adware Cyber threats Advertising 52

Security Affairs

MARCH 21, 2020

While COVID-19 infections around the world are exploding, cyber threat actors are trying to capitalise on this global health crisis by creating malwares or launching attacks with a COVID-19 theme. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Heathcare, cybercrime).

Healthcare 101

Healthcare Advertising Cyber threats Cybercrime 101

Security Affairs

APRIL 10, 2020

“Lockheed Martin has made and continues to make significant investments in cybersecurity, and uses industry-leading information security practices to protect sensitive information. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – DoppelPaymer ransomware, malware).

Manufacturing 101

Manufacturing Ransomware Advertising Cybercrime 101

Security Affairs

JANUARY 24, 2022

Experts warn Emotet malware campaign using “unconventional” IP address formats in an attempt to evade detection. Threat actors behind a recent Emotet malware campaign have been observed using using “unconventional” IP address formats to evade detection. ” reported Trend Micro.

Malware 124

Malware Social Engineering Ransomware Banking 124