Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware 96

Malware Passwords Encryption Advertising 96

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Custom Ragnar Locker ransom note (Source: Sophos).

Encryption 99

Encryption Ransomware Energy and Utilities Advertising 99

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS.

Malware 104

Malware Firmware Advertising Manufacturing 104

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware 100

Malware Ransomware Advertising Encryption 100

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware.

Malware 121

Malware Scams Social Engineering Phishing 121

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ” continues the report. .

Encryption 63

Encryption Ransomware Malware Scams 63

Security Affairs

OCTOBER 13, 2020

Members of the Five Eyes intelligence alliance once again call for tech firms to engineer backdoors into end-to-end and device encryption. The statements reinforce the importance of the encryption in protecting data, privacy, and IP, but highlights the risks of abusing it for criminal and terrorist purposes. Pierluigi Paganini.

Encryption 67

Encryption Data privacy Advertising Technology 67

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware 67

Malware Encryption Advertising Passwords 67

Security Affairs

NOVEMBER 23, 2019

The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain.The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain. Pierluigi Paganini.

Malware 102

Malware Data breaches Advertising Encryption 102

Security Affairs

AUGUST 2, 2020

The Taiwanese vendor QNAP urges its users to update the Malware Remover app following the alert on the QSnatch malware. The Taiwanese company QNAP is urging its users to update the Malware Remover app to prevent NAS devices from being infected by the QSnatch malware. Webshell functionality for remote access.

Malware 99

Malware Advertising Passwords Manufacturing 99

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 and was employed in highly targeted attacks. ” concludes the report. ” concludes the report.

Encryption 106

Encryption Malware Phishing Hacking 106

Security Affairs

APRIL 7, 2020

xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. and Russia. ” continues the report.

Malware 121

Malware Firmware Manufacturing Mobile 121

Security Affairs

OCTOBER 25, 2022

Researchers reported that threat actors used 2 PoS malware variants to steal information about more than 167,000 credit cards. Cybersecurity firm Group-IB discovered two PoS malware to steal data associated with more than 167,000 credit cards from point-of-sale payment terminals. MajikPOS is written using the “.NET

Malware 80

Malware Cybercrime Banking Marketing 80

Security Affairs

AUGUST 26, 2019

A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. The name of the ransomware comes after the extension it adds to the encrypted file names, the malicious code also deletes their shadow copies to make in impossible any recovery procedure. Pierluigi Paganini.

Ransomware 91

Ransomware Malware Antivirus Encryption 91

Security Affairs

JANUARY 22, 2020

The library did not disclose the family of malware that infected its system, but experts believe that the computers were infected with ransomware. “Some Californian libraries are also affected by a ransomware attack that encrypted computers at 26 community libraries in Contra Costa County on January 3.” Pierluigi Paganini.

Malware 97

Malware Cyber Attacks Advertising Ransomware 97

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime 89

Cybercrime Malware Cryptocurrency Advertising 89

Security Affairs

DECEMBER 17, 2019

The activity of the Lazarus APT group (aka HIDDEN COBRA ) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Dacls is the first malware linked to the Lazarus group that targets Linux systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 73

Malware Advertising Encryption Hacking 73

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. ” reads one of the alerts.

Government 81

Government Malware Computers and Electronics Advertising 81

Security Affairs

OCTOBER 11, 2020

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. The ransomware attack took place on September 23, the threat actors breached the network of the company and deployed the malware. Tyler Technologies, Inc. ” reported BleepingComputer.

Technology 139

Technology Ransomware Encryption Advertising 139

Security Affairs

SEPTEMBER 17, 2020

The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. Pierluigi Paganini.

Ransomware 144

Ransomware Encryption Advertising Malware 144

Security Affairs

OCTOBER 13, 2019

Confiant researchers have discovered a new Mac malware dubbed Tarmac distributed via malvertising campaigns in the US, Italy, and Japan. Security experts at Confiant have discovered a new Mac malware dubbed Tarmac that is distributed via malvertising campaigns in the US, Italy, and Japan. Pierluigi Paganini.

Malware 80

Malware Advertising Encryption Software 80

Security Affairs

JULY 8, 2020

Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. macOS ransomware #decryptor ( #EvilQuest )! |

Ransomware 104

Ransomware Encryption Malware InfoSec 104

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. ” reads the analysis published by Kaspersky.

Malware 84

Malware Banking Advertising Encryption 84

Security Affairs

AUGUST 5, 2019

Recently a data-wiping malware tracked as GermanWiper has been targeting German organizations, the malicious code is pushed via phishing messages. Anyway, the operators behind this campaign tell to the victims that their data was encrypted and not deleted, they used a set of Bitcoin addresses for the payment. Pierluigi Paganini.

Malware 70

Malware Ransomware Encryption Advertising 70

Security Affairs

OCTOBER 10, 2019

New espionage malware found targeting Russian-speaking users in Eastern Europe. ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. The Attor malware makes sophisticated use of encryption to hide its components.

Malware 79

Malware Encryption Advertising Mobile 79

Security Affairs

SEPTEMBER 28, 2020

A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. According to the popular malware researchers Michael Gillespie , the Mount Locker uses ChaCha20 to encrypt the files and an embedded RSA-2048 public key to encrypt the encryption key.

Ransomware 133

Ransomware Encryption Advertising Engineering 133

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

SEPTEMBER 28, 2019

Microsoft researchers observed a campaign delivering malware, dubbed Nodersok, relying on advanced techniques and elusive network infrastructure. Microsoft experts observed a malware campaign, tracked as Nodersok, relying on advanced techniques and elusive network infrastructure. based payload, and a bunch of encrypted files.

Malware 80

Malware Advertising Retail Healthcare 80

Security Affairs

SEPTEMBER 6, 2020

Baka is a sophisticated e-skimmer developed by a skilled malware developer that implements a unique obfuscation method and loader. The skimmer loads dynamically to avoid static malware scanners and uses unique encryption parameters for each victim to obfuscate the malicious code.” ” reads the alert published by VISA.

eCommerce 132

eCommerce Malware Encryption Advertising 132

Security Affairs

JULY 21, 2019

A few days ago, the experts at Emsisoft released a free decryptor for the Ims00rry ransomware , now the malware team announced the released of a decryptor for the ZeroFucks ransomware. ZeroFucks ransomware encrypts files with AES-256 and replaces the extension in the filename with “. SecurityAffairs – ZeroFucks, malware).

Ransomware 82

Ransomware Encryption Advertising Malware 82

Security Affairs

AUGUST 27, 2019

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could be used by attackers to remotely hack Android devices and steal targets’ data.

Malware 97

Malware Advertising Mobile Hacking 97

Security Affairs

SEPTEMBER 27, 2020

Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware. ” reads the post published by ZScaler.

Malware 142

Malware Advertising Spyware Encryption 142

Security Affairs

SEPTEMBER 29, 2020

The name AgeLocker comes from the use of the Actually Good Encryption ( AGE ) algorithm to encrypt files, experts warn that encrypted files can’t be recovered without paying the ransom to the ransomware operators. Security experts are observing the new strain of ransomware that is targeting QNAP devices since June.

Firmware 125

Firmware Encryption Ransomware Advertising 125

Security Affairs

JUNE 29, 2020

million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible,” reads a statement published by the UCSF.

Ransomware 127

Ransomware Encryption Advertising Malware 127

Security Affairs

OCTOBER 8, 2020

Initially the reason for our interest in this malware was its rarity, the obviously targeted nature of the campaign and the fact that there are no obvious similarities with already known campaigns at the level of code, infrastructure or TTPs.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 100

Malware Encryption Advertising Hacking 100

Security Affairs

NOVEMBER 26, 2019

“The Dexphot attack used a variety of sophisticated methods to evade security solutions. Layers of obfuscation, encryption, and the use of randomized file names hid the installation process. The installer downloads an MSI package from one of the above URLs, then it executes the msiexec.exe to silently install the malware.

Cryptocurrency 121

Cryptocurrency Malware Encryption Advertising 121

Security Affairs

DECEMBER 2, 2019

Experts discovered a new malware dubbed Clop ransomware that attempts to remove Malwarebytes and other security products. Security researcher Vitali Kremez discovered a new malware dubbed Clop ransomware that targets Windows systems and attempts to disable security products running on the infected systems.

Ransomware 114

Ransomware Encryption Advertising Cybercrime 114