2014, Hacking and Malware - Cyber Security Informer

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

Attackers infiltrated the supply chain, embedding malware in pre-installed apps. The experts found malware-laced applications pre-installed on the phone. The malware injected via LSPatch into ~40 legitimate-looking apps, including messengers and QR scanners, is dubbed dubbed Shibai. ” continues the report.

Malware

Malware Manufacturing Mobile Spyware

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation.

Malware

Malware Government Hacking Cybersecurity

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. This quick compromise allows vehicles to be targeted during valet service, ride-sharing, or through USB malware. ” reads the advisory. ” concludes the report. .

Hacking

Hacking Firmware Software Manufacturing

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Shefel says he is now flat broke, and that he currently has little to show for a storied hacking career.

Retail

Retail Advertising Cryptocurrency Cybercrime

New Reductor Nation-State Malware Compromises TLS

Schneier on Security

OCTOBER 10, 2019

Kaspersky has a detailed blog post about a new piece of sophisticated malware that it's calling Reductor. Based on these similarities, we're quite sure the new malware was developed by the COMPfun authors. The COMpfun malware was initially documented by G-DATA in 2014.

Malware

Malware Engineering Encryption Hacking

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware

Malware Cybercrime Software Accountability

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware

Malware Advertising Marketing System Administration

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware

Malware Passwords Accountability Advertising

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

Attacks that seek to completely destroy data and servers without any warning or extortion demand are not as common as, say, ransomware infestations , but when they do occur they can be devastating (the 2014 Sony Pictures hack and the still-unsolved 2016 assault on U.S.-based based ISP Staminus come to mind).

Hacking

Hacking DDOS Backups Accountability

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru

Hacking

Hacking Cybercrime Ransomware Government

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. ” HYDRA. .

Marketing

Marketing Energy and Utilities Malware Ransomware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware

Ransomware Hacking Encryption Penetration Testing

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams

Scams Hacking Malware Mobile

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS

DNS Penetration Testing Malware Hacking

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware

Malware Cryptocurrency Advertising Accountability

Ukrainian Police Nab Six Tied to CLOP Ransomware

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ? /.

Ransomware

Ransomware Cybercrime Malware Encryption

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 8, 2024

Now He Wants to Help You Escape, Too Dozens of Countries Hit in Chinese Telecom Hacking Campaign, Top U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack The Great Pokmon Go Spy Panic Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter)

Artificial Intelligence

Artificial Intelligence Spyware Hacking Ransomware

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed. billion from banks and other victims worldwide.

Cryptocurrency

Cryptocurrency Financial Services Banking Government

Is the Abaddon RAT the first malware using Discord as C&C?

Security Affairs

OCTOBER 25, 2020

Researchers from MalwareHunterTeam have spotted a new piece of remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The Abaddon malware connects to the Discord command and control server to check for new commands to execute. "Abaddon"

Malware

Malware Advertising Ransomware Encryption

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

Attacks Aimed at Disrupting the Trickbot Botnet

Krebs on Security

OCTOBER 2, 2020

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot , an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Ransomware

Ransomware Malware Healthcare Internet

Romanians arrested for running underground malware services

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. SecurityAffairs – hacking, cybercrime). The prices for this service varied between US$7 to US$40.”

Malware

Malware Antivirus Cybercrime Software

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). “Absolutely all servers and working computers of the company are hacked and encrypted. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Ransomware Advertising Encryption

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. The account didn’t resume posting on the forum until April 2014. This gave us clear evidence that Mylobot infected computers are used by the BHProxies service.”

Accountability

Accountability Advertising Marketing Malware

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

Kaspersky first identified the APT group in 2014, but experts believe the cyber espionage campaign had already been active for over five years. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,APT) . ” concludes the report.

Cyber Attacks

Cyber Attacks Hacking Government Malware

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. SecurityAffairs – hacking, Zloader). Zeus OpenSSL). Pierluigi Paganini.

Malware

Malware Banking Software Cybercrime

Alleged Activision hack, 500,000 Call Of Duty players impacted

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. “All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Data breaches Accountability Passwords

Operation Reacharound – Emotet malware is back

Security Affairs

NOVEMBER 15, 2021

The FBI collected millions of email addresses used by Emotet operators in their malware campaigns as part of the cleanup operation. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Malware tracking non-profit organization Abuse.ch ” reported GData.

Malware

Malware Banking Hacking Ransomware

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware

Malware Antivirus Phishing Cryptocurrency

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Security Affairs

AUGUST 21, 2020

During the ordinary monitoring of Deepweb and Darkweb , researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen Group. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Maze Ransomware Operators).

Ransomware

Ransomware Hacking Advertising Backups

FBI arrested a Russian national for recruiting employee of US firm to plant malware

Security Affairs

AUGUST 26, 2020

after attempting to recruit an employee at a targeted company to plant a malware. US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after attempting to recruit an employee at a targeted company to plant a piece of malware. “He explained the malware attacks the systems in two ways.

Malware

Malware DDOS Advertising Hacking

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. Pierluigi Paganini.

Malware

Malware Banking Cryptocurrency Cybercrime

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

Once control is granted, the attacker can secretly install malware, including infostealers and remote access trojans (RATs), onto the victim's machine. The malware then exfiltrates sensitive data, including cryptocurrency wallet credentials, personal information, and private keys. billion hack of the Bybit exchange in February 2025.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Security Affairs

AUGUST 11, 2020

Below the speech made by the experts last week at DEF CON 28SM hacking virtual conference. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Samsung Find My Mobile). Pierluigi Paganini.

Mobile

Mobile Hacking Advertising Cybersecurity

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. A copy of the passport for Denis Emelyantsev, a.k.a.

Cybercrime

Cybercrime Advertising IoT Malware

A Google Drive weakness could allow attackers to serve malware

Security Affairs

AUGUST 23, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Google Drive). The post A Google Drive weakness could allow attackers to serve malware appeared first on Security Affairs. Pierluigi Paganini.

Malware

Malware Phishing Advertising Antivirus

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” SecurityAffairs – hacking, EnemyBot).

Malware

Malware DDOS IoT Cybercrime

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. Both PlugX and ShadowPad malware are very common among China-linked cyberespionage groups. SecurityAffairs – hacking, APT). To nominate, please visit:?

Software

Software Malware Telecommunications Antivirus

HP Device Manager flaws expose Windows systems to hack

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, HP). The post HP Device Manager flaws expose Windows systems to hack appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Accountability Passwords InfoSec

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Security Affairs

JUNE 15, 2021

The botnet was linked to a new malware hosting domain that has been serving Mirai variants for several different botnets over the past year. This payload contains the logic to change the execution path to a temporary location, wget a file from a malware hosting page, provide execution permissions, and execute it.”

Malware

Malware Internet Internet DDOS

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. dismantled the “ RSOCKS ” botnet, a competing proxy service that had been in operation since 2014.

Passwords

Passwords Malware Internet Internet

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware

Malware Cybercrime Banking Hacking

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

FBI deleted China-linked PlugX malware from over 4,200 US computers

Trending Sources

Mazda Connect flaws allow to hack some Mazda vehicles

An Interview With the Target & Home Depot Hacker

New Reductor Nation-State Malware Compromises TLS

Ask Fitis, the Bear: Real Crooks Sign Their Malware

U.S. Offered $10M for Hacker Just Arrested by Russia

Orcus RAT Author Charged in Malware Scheme

Giving a Face to the Malware Proxy Service ‘Faceless’

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Actions Target Russian Govt. Botnet, Hydra Dark Market

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Olympics: a timeline of scams, hacks, and malware

French Firms Rocked by Kasbah Hacker?

New MrbMiner malware infected thousands of MSSQL DBs

Ukrainian Police Nab Six Tied to CLOP Ransomware

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

Carbanak malware returned in ransomware attacks

U.S. Indicts North Korean Hackers in Theft of $200 Million

Is the Abaddon RAT the first malware using Discord as C&C?

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Attacks Aimed at Disrupting the Trickbot Botnet

Romanians arrested for running underground malware services

REvil ransomware gang hacked gaming firm Gaming Partners International

Who’s Behind the Botnet-Based Service BHProxies?

The Mask APT is back after 10 years of silence

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Alleged Activision hack, 500,000 Call Of Duty players impacted

Operation Reacharound – Emotet malware is back

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

FBI arrested a Russian national for recruiting employee of US firm to plant malware

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Administrator of RSOCKS Proxy Botnet Pleads Guilty

A Google Drive weakness could allow attackers to serve malware

EnemyBot malware adds new exploits to target CMS servers and Android devices

China-linked Moshen Dragon abuses security software to sideload malware

HP Device Manager flaws expose Windows systems to hack

Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

The Link Between AWM Proxy & the Glupteba Botnet

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Stay Connected