2014, Encryption, Hacking and Malware - Cyber Security Informer

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

million settlement in a multi-state investigation of the data breach that the company suffered in 2014. million settlement over the 2014 data breach. In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada. SecurityAffairs – hacking, Data breach). ” . .

Retail

Retail Data breaches Penetration Testing Password Management

How to get back files encrypted by the Hacked Ransomware for free

Security Affairs

MARCH 26, 2019

Good news for the victims of the Hacked Ransomware, the security firm Emsisoft has released a free decryptor to decrypt the data of infected computers. Security experts at Emsisoft released a free decryptor for the Hacked Ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Hacking Ransomware Advertising

New Reductor Nation-State Malware Compromises TLS

Schneier on Security

OCTOBER 10, 2019

Kaspersky has a detailed blog post about a new piece of sophisticated malware that it's calling Reductor. Based on these similarities, we're quite sure the new malware was developed by the COMPfun authors. The COMpfun malware was initially documented by G-DATA in 2014.

Malware

Malware Engineering Encryption Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. In 2018, global malware volume recorded by SonicWall hit a record-breaking 10.52 million encrypted malware attacks, +27% over the previous year. .” billion attacks.

IoT

IoT Encryption Malware Advertising

Snake Ransomware isolates infected Systems before encrypting files

Security Affairs

JULY 5, 2020

Experts spotted recent samples of the Snake ransomware that were isolating the infected systems while encrypting files to avoid interference. The Snake ransomware kills processes from a predefined list, including ICS-related processes, to encrypt associated files. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Ransomware Firewall Backups

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Zoom now supports end-to-end encrypted (E2EE) calls

Security Affairs

OCTOBER 15, 2020

The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. SecurityAffairs – hacking, Zoom). Pierluigi Paganini.

Encryption

Encryption Advertising Accountability Hacking

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

German encrypted email service Tutanota suffers DDoS attacks

Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. SecurityAffairs – hacking, Tutanota).

DDOS

DDOS Encryption DNS Advertising

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Advertising Encryption

Is the Abaddon RAT the first malware using Discord as C&C?

Security Affairs

OCTOBER 25, 2020

Researchers from MalwareHunterTeam have spotted a new piece of remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The Abaddon malware connects to the Discord command and control server to check for new commands to execute. "Abaddon"

Malware

Malware Advertising Ransomware Encryption

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware

Malware Ransomware Advertising Encryption

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. .” SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media

Media Hacking Passwords Data breaches

Ryuk Ransomware evolution avoid encrypting Linux folders

Security Affairs

DECEMBER 26, 2019

Experts spotted a new strain of the Ryuk Ransomware that was developed to avoid encrypting folders commonly seen in *NIX operating systems. The popular malware researcher Vitali Kremez that analyzed the sample involved in the attack discovered a new feature implemented in this new variant of malware. Pierluigi Paganini.

Encryption

Encryption Ransomware Malware Advertising

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 and was employed in highly targeted attacks. ” concludes the report. ” concludes the report.

Encryption

Encryption Malware Phishing Hacking

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS.

Malware

Malware Firmware Advertising Manufacturing

Ragnar Ransomware encrypts files from virtual machines to evade detection

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Custom Ragnar Locker ransom note (Source: Sophos).

Encryption

Encryption Ransomware Energy and Utilities Advertising

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Hacking Advertising Malware

Sodinokibi ransomware uses MS API to encrypt open and locked files

Security Affairs

MAY 11, 2020

Researchers warn of a new feature implemented in the Sodinokibi ransomware, the threat can now encrypt open and locked files. The Sodinokibi ransomware (REvil) continues to evolve, operators implemented a new feature that allows the malware to encrypt victim’s files, even if they are opened and locked by another process.

Encryption

Encryption Ransomware Advertising Malware

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware

Malware Passwords Encryption Advertising

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware

Malware Scams Social Engineering Phishing

Five Eyes nations plus India and Japan call for encryption backdoor once again

Security Affairs

OCTOBER 13, 2020

Members of the Five Eyes intelligence alliance once again call for tech firms to engineer backdoors into end-to-end and device encryption. The statements reinforce the importance of the encryption in protecting data, privacy, and IP, but highlights the risks of abusing it for criminal and terrorist purposes. Pierluigi Paganini.

Encryption

Encryption Data privacy Advertising Technology

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

Tedrade banking malware families target users worldwide

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules. ” continues Kaspersky.

Banking

Banking Malware Phishing Advertising

Two PoS Malware used to steal data from more than 167,000 credit cards

Security Affairs

OCTOBER 25, 2022

Researchers reported that threat actors used 2 PoS malware variants to steal information about more than 167,000 credit cards. Cybersecurity firm Group-IB discovered two PoS malware to steal data associated with more than 167,000 credit cards from point-of-sale payment terminals. MajikPOS is written using the “.NET

Malware

Malware Cybercrime Banking Marketing

Malware attack took down 600 computers at Volusia County Public Library

Security Affairs

JANUARY 22, 2020

The library did not disclose the family of malware that infected its system, but experts believe that the computers were infected with ransomware. “Some Californian libraries are also affected by a ransomware attack that encrypted computers at 26 community libraries in Contra Costa County on January 3.” Pierluigi Paganini.

Malware

Malware Cyber Attacks Advertising Ransomware

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” continues the analysis.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The Taiwanese vendor QNAP urges its users to update the Malware Remover app following the alert on the QSnatch malware. The Taiwanese company QNAP is urging its users to update the Malware Remover app to prevent NAS devices from being infected by the QSnatch malware. Webshell functionality for remote access.

Malware

Malware Advertising Passwords Manufacturing

Nemty Ransomware, a new malware appears in the threat landscape

Security Affairs

AUGUST 26, 2019

A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. The name of the ransomware comes after the extension it adds to the encrypted file names, the malicious code also deletes their shadow copies to make in impossible any recovery procedure. SecurityAffairs – Nemty ransomware, hacking).

Ransomware

Ransomware Malware Antivirus Encryption

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

The STOP Ransomware was first spotted in January when he was being distributed by fake software cracks in January, The popular malware researcher Michael Gillespie observed that some recent variants of the ransomare were generating traffic to infrastructure previously associated with the Azorul infection. exe and executed it.

Encryption

Encryption Ransomware Cryptocurrency Passwords

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

Security Affairs

JUNE 14, 2020

MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to leak it in case the victim will not pay the ransom. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Hacking Advertising Banking

Ukrainian Police Nab Six Tied to CLOP Ransomware

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ? /.

Ransomware

Ransomware Cybercrime Malware Encryption

The forum of the popular Albion Online game was hacked

Security Affairs

OCTOBER 19, 2020

On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords).” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Albion Online).

Hacking

Hacking Data breaches Passwords Advertising

SILENTFADE a long-running malware campaign targeted Facebook AD platform

Security Affairs

OCTOBER 3, 2020

Facebook shared details about a long-running ad-fraud campaign that’s been ongoing since 2016 targeting Facebook users with SilentFade malware. The social network giant revealed that malware has a Chinese origin and allowed hackers to siphon $4 million from users’ advertising accounts. SecurityAffairs – hacking, Facebook).

Malware

Malware Advertising Accountability Authentication

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

.” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. The company confirmed that the an investigation into the hack is still ongoing. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Data breaches Identity Theft Advertising

DeathRansom ransomware evolves encrypting files, but experts identified its author

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ” continues the report. .

Encryption

Encryption Ransomware Malware Scams

Tyler Technologies finally paid the ransom to receive the decryption key

Security Affairs

OCTOBER 11, 2020

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. The ransomware attack took place on September 23, the threat actors breached the network of the company and deployed the malware. SecurityAffairs – hacking, Tyler). Pierluigi Paganini.

Technology

Technology Ransomware Encryption Advertising

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. The account didn’t resume posting on the forum until April 2014. million from private investors.

Accountability

Accountability Advertising Marketing Malware

Crooks use hidden directories of compromised HTTPS sites to deliver malware

Security Affairs

APRIL 2, 2019

Attackers Store Malware in Hidden Directories of Compromised HTTPS Sites. Hacked websites were used for several malicious purposes, experts observed compromised WordPress and Joomla websites serving Shade /Troldesh ransomware, coin miners, backdoors, and some times were involved in phishing campaigns. “The hidden /.well-known/

Malware

Malware Phishing Ransomware Advertising

Catch Hospitality Group discloses PoS malware infection at its restaurants

Security Affairs

NOVEMBER 23, 2019

The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain.The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain. Pierluigi Paganini.

Malware

Malware Data breaches Advertising Encryption

Russia-linked Turla APT hacked European government organization

Security Affairs

OCTOBER 29, 2020

Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization.

Government

Government Hacking Advertising Encryption

Developer hacked back Muhstik ransomware crew and released keys

Security Affairs

OCTOBER 8, 2019

One of the victims of the Muhstik ransomware gang who initially paid the ransomware, decided to hack back the crooks and released their decryption keys. The expert hacked the server used by the Muhstik ransomware gang and released the decryption keys for all the victims of the group. SecurityAffairs – Muhstik ransomware, hacking).

Hacking

Hacking Ransomware Advertising Passwords

xHelper, the Unkillable Android malware that re-Installs after factory reset

Security Affairs

APRIL 7, 2020

xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. and Russia. ” continues the report.

Malware

Malware Firmware Manufacturing Mobile

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

DECEMBER 17, 2019

The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. Pierluigi Paganini.

Malware

Malware Advertising Encryption Hacking

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

How to get back files encrypted by the Hacked Ransomware for free

Webinars

Trending Sources

New Reductor Nation-State Malware Compromises TLS

Webinars

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Snake Ransomware isolates infected Systems before encrypting files

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Zoom now supports end-to-end encrypted (E2EE) calls

CDRThief Linux malware steals VoIP metadata from Linux softswitches

German encrypted email service Tutanota suffers DDoS attacks

REvil ransomware gang hacked gaming firm Gaming Partners International

Is the Abaddon RAT the first malware using Discord as C&C?

New MATA Multi-platform malware framework linked to NK Lazarus APT

Asian media firm E27 hacked, attackers asked for a “donation”

Ryuk Ransomware evolution avoid encrypting Linux folders

North Korea-linked Konni APT uses Russian-language weaponized documents

QSnatch malware infected over 62,000 QNAP NAS Devices

Ragnar Ransomware encrypts files from virtual machines to evade detection

Source code of Dharma ransomware now surfacing on public hacking forums

Sodinokibi ransomware uses MS API to encrypt open and locked files

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

New Coronavirus-themed malspam campaign delivers FormBook Malware

Five Eyes nations plus India and Japan call for encryption backdoor once again

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Tedrade banking malware families target users worldwide

Two PoS Malware used to steal data from more than 167,000 credit cards

Malware attack took down 600 computers at Volusia County Public Library

Raccoon Malware, a success case in the cybercrime ecosystem

QNAP urges users to update Malware Remover after QSnatch joint alert

Nemty Ransomware, a new malware appears in the threat landscape

STOP ransomware encrypts files and steals victim’s data

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

Ukrainian Police Nab Six Tied to CLOP Ransomware

The forum of the popular Albion Online game was hacked

SILENTFADE a long-running malware campaign targeted Facebook AD platform

3.4 Million user records from LiveAuctioneers hack available for sale

DeathRansom ransomware evolves encrypting files, but experts identified its author

Tyler Technologies finally paid the ransom to receive the decryption key

Who’s Behind the Botnet-Based Service BHProxies?

Crooks use hidden directories of compromised HTTPS sites to deliver malware

Catch Hospitality Group discloses PoS malware infection at its restaurants

Russia-linked Turla APT hacked European government organization

Developer hacked back Muhstik ransomware crew and released keys

xHelper, the Unkillable Android malware that re-Installs after factory reset

Dacls RAT, the first Lazarus malware that targets Linux devices

Stay Connected