eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware 140

Malware Ransomware Antivirus Internet 140

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. The DOJ’s media advisory doesn’t mention the defendant’s age, but a 2015 report in the Gatineau local news website ledroit.com suggests this may not be his first offense.

Ransomware 290

Ransomware Cybercrime Antivirus Encryption 290

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. ” A number of questions, indeed. ” A number of questions, indeed.

Phishing 228

Phishing Cybercrime Malware Advertising 228

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 201

Hacking Cybercrime Ransomware Government 201

Security Affairs

OCTOBER 15, 2019

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past , has now using news tactics to evade detection. Pierluigi Paganini.

Cybercrime 61

Cybercrime DNS Malware Advertising 61

Security Affairs

SEPTEMBER 22, 2018

The Latvian expert Ruslans Bondars (37), who developed and run the counter antivirus service Scan4You has been sentenced to 14 years in prison. Scan4you is a VirusTotal like online multi-engine antivirus scanning service that could be used by vxers to test evasion abilities of their malware against the major antiviruses.

Malware 87

Malware Antivirus Retail Advertising 87

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The Agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware. ” reads the CISA’s advisory. .”

Malware 63

Malware Passwords Advertising Antivirus 63

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software 246

Software Phishing Cybercrime Accountability 246

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. It remains unclear how many individuals were active in the core GandCrab malware development team. of GandCrab.

Ransomware 260

Ransomware Accountability Cybercrime Passwords 260

Security Affairs

DECEMBER 29, 2019

Experts uncovered a new tool dubbed BIOLOAD used by the FIN7 cybercrime group used as a dropper for a new variant of the Carbanak backdoor. The group that has been active since late 2015 targeted businesses worldwide to steal payment card information. SecurityAffairs – FIN7, malware). ” Fortinet concludes.

Cybercrime 58

Cybercrime Antivirus Identity Theft Advertising 58

Security Affairs

MARCH 24, 2020

ch launched the MalwareBazaar service, a malware repository to allow experts to share known malware samples and related info. ch launched a malware repository, called MalwareBazaar , to allow experts to share known malware samples and related analysis. Malware batches are available for download on a daily base.

Malware 50

Malware Adware Cyber threats Advertising 50

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. SecurityAffairs – malware, Coronavirus).

Phishing 100

Phishing Malware Spyware DDOS 100

The Last Watchdog

JUNE 21, 2020

File encryption 2013 – 2015. Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. RaaS rollout 2015 – 2018. Crypt0L0cker, and TorrentLocker.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

OCTOBER 11, 2020

ransomware displays ransom note in innovative way Carnival confirms data breach as a result of the August ransomware attack Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP) Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns.

Advertising 82

Advertising Antivirus Data privacy Ransomware 82

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” reads the post published by Microsoft.

Ransomware 111

Ransomware Cybercrime Social Engineering Banking 111

Security Affairs

AUGUST 3, 2020

He had no previous criminal records at the time of the arrest, but it is known to be a member of a cybercrime forum to become an affiliate for the GandCrab ransomware operation. He allegedly subscribed the GandCrab ransomware-as-a-service to create his own version of the malware and spread it running a spam campaign.

Ransomware 113

Ransomware Advertising Malware Hacking 113

Security Affairs

JULY 8, 2020

Once the hacker gained access to the network, the deployed password-stealing malware and remote access trojans (RATs) to harvest credentials and establish persistence in the system. Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S.

Hacking 69

Hacking Antivirus Advertising Cybercrime 69

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey.

Phishing 81

Phishing Social Engineering Malware Advertising 81

Security Affairs

APRIL 17, 2019

A new variant of the HawkEye data stealer emerges in the threat landscape as part of ongoing malware distribution campaigns. New malware campaigns leveraging a new variant of the HawkEye data stealer have been observed by experts at Talos. has been under active development since at least 2013. ” continues the analysis. .

Antivirus 81

Antivirus Malware Advertising Passwords 81

Security Affairs

SEPTEMBER 7, 2020

A recently discovered cybercrime gang, tracked as Epic Manchego , is using a new technique to create weaponized Excel files that are able to bypass security checks. Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. Pierluigi Paganini. SecurityAffairs – hacking, Norway).

Cybercrime 90

Cybercrime Phishing Advertising Antivirus 90

Security Affairs

APRIL 14, 2019

The malware was developed to steal credentials, financial data, personal information, then the crooks offered them on the dark web marketplaces. The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. Pierluigi Paganini.

Cryptocurrency 85

Cryptocurrency Identity Theft Advertising Accountability 85

Security Affairs

NOVEMBER 5, 2020

In such attacks, malware places a spoofed malicious DLL file in a Windows’ WinSxS directory so that the operating system loads it instead of the legitimate file. The technique was already employed by other Chinese APT groups since 2013, later it was also adopted by other cybercrime gangs in attacks in the wild. Pierluigi Paganini.

Encryption 105

Encryption Malware Advertising Antivirus 105

Security Affairs

NOVEMBER 21, 2019

There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads.” In our investigations we found that the malware relies on remote human operators using existing Domain Admin credentials to spread across an enterprise network.”

Ransomware 80

Ransomware Social Engineering Malware Advertising 80

Security Affairs

SEPTEMBER 7, 2020

In the middle-August, the Emotet malware was employed in fresh COVID19-themed spam campaign. Emotet malware is also used to deliver other malicious code, such as Trickbot and QBot trojan or ransomware such as Conti (TrickBot) or ProLock (QBot). Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. .

Malware 106

Malware Advertising Antivirus Banking 106

Security Affairs

NOVEMBER 11, 2021

Below is the list of exploits used by the bot: Vulnerability Affected devices CVE-2020-8515 DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Rev. This malware is still in beta phase and has been accidently leaked.

IoT 115

IoT Firmware Malware Wireless 115

Security Affairs

NOVEMBER 4, 2018

Researchers from Recorded Future’s Insikt Group and McAfee’s Advanced Threat Research team have discovered a new version of the malware that is offered through a RaaS distribution program on the Dark Web. With this partnership, Kraken now has an additional malware delivery method for its criminal customers.” The new Kraken v.2

Ransomware 92

Ransomware Advertising Cybercrime Malware 92

Security Affairs

JUNE 12, 2019

FireEye documented obfuscation techniques used by the group in June 2017 and the involvement of PUNCHTRACK POS-scraping malware. The ShellTea backdoor was analyzed by researchers Root9b in June 2017, the malware was used by threat actors to deliver the PoC malware. ” reads the analysis published by Morphisec.

Hacking 73

Hacking Malware Advertising Retail 73

Security Affairs

DECEMBER 7, 2019

US DoJ charged two Russian citizens for deploying the Dridex malware and for their involvement in international bank fraud and computer hacking schemes. The Bugat malware a multifunction malware package designed to automate the theft of confidential personal and financial information. Attorney Brady.

Banking 62

Banking Malware Cybercrime Accountability 62

Security Affairs

SEPTEMBER 16, 2019

The experts discovered that digital certificates are then used to spread malware, mainly adware. Threat actors sign their malware with legitimate digital certificates to avoid detection. The researchers provided evidence that the threat actors sold the purchased certificates to a cybercrime gang that used them to spread malware.

Adware 79

Adware Advertising Marketing Antivirus 79

Security Affairs

AUGUST 28, 2019

The French police force, National Gendarmerie, announced to have neutralized the Retadup malware on over 850,000 computers taking over its C2 server. The operation allowed the France law enforcement agency to remotely disinfect more than 850,000 computers worldwide with the help of Avast malware researchers. ” continues Avast.

Malware 81

Malware Advertising Antivirus Cryptocurrency 81

Security Affairs

OCTOBER 12, 2019

The group that has been active since late 2015 targeted businesses worldwide to steal payment card information. In August 2018, three members of the notorious cybercrime gang have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft.

Identity Theft 73

Identity Theft Hacking Advertising DNS 73

Security Affairs

APRIL 27, 2020

The cybercrime gang also apologized for the damages they have caused their victims. We are also publishing our decryption soft; we also hope that, having the keys, antivirus companies will issue their own more user-friendly decryption tools.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 115

Ransomware Advertising Antivirus Education 115

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. Another trend was disguising malware in emails.

Ransomware 68

Ransomware Antivirus Malware Banking 68

Security Affairs

JANUARY 26, 2020

Malware attack took down 600 computers at Volusia County Public Library. Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The Mystery of Fbot. Yomi Hunter Catches the CurveBall.

Data breaches 78

Data breaches Advertising Antivirus DDOS 78

Security Affairs

APRIL 21, 2019

Analyzing OilRigs malware that uses DNS Tunneling. Operator of Codeshop Cybercrime Marketplace Sentenced to 90 months in prison. Avast, Avira, Sophos and other antivirus solutions show problems after. Marcus Hutchins pleads guilty to two counts of banking malware creation. Pierluigi Paganini.

Computers and Electronics 59

Computers and Electronics Spyware Data breaches Advertising 59

Security Affairs

MARCH 19, 2020

” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. Pierluigi Paganini.

Government 100

Government Ransomware Encryption Penetration Testing 100

Security Affairs

FEBRUARY 17, 2019

New Linux coin miner kills competing malware to maximize profits. Experts found a way to create a super-malware implanted in SGX-enclaves. Experts spotted a new strain of Shlayer macOS Malware. Astaroth Trojan relies on legitimate os and antivirus processes to steal data. Gootkit: Unveiling the Hidden Link with AZORult.

Advertising 67

Advertising Antivirus Malware Backups 67