Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”

Retail 277

Retail Advertising Cryptocurrency Cybercrime 277

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. DataProtector was launched in 2015, while CyberScan was launched in 2019. ” continues the press release.

Malware 144

Malware Antivirus Cybercrime Software 144

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 257

Advertising Antivirus Software Malware 257

Krebs on Security

JANUARY 27, 2021

NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a percentage of any funds extorted from victims. Each build is unique, in that the malware is inside the script – it is not downloaded from the internet. million from the scheme.

Ransomware 351

Ransomware Cybercrime Antivirus Encryption 351

Security Affairs

JULY 23, 2019

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. We recommend to keep updated on future Comodo Antivirus releases.”

Antivirus 108

Antivirus Advertising Hacking Malware 108

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. The malware can be used to download other malicious payloads, including malware or adware. up to 10.14.3.

Engineering 145

Engineering Malware Adware Antivirus 145

Security Affairs

JULY 22, 2019

BlackBerry Cylance has addressed a bypass vulnerability recently discovered in its AI-based antivirus engine CylancePROTECT product. “We verified the issue was not a universal bypass as reported, but rather a technique that allowed for one of the anti-malware components of the product to be bypassed in certain circumstances.

Antivirus 107

Antivirus Engineering Advertising Hacking 107

Security Affairs

FEBRUARY 16, 2019

Researchers at Cybereason’s Nocturnus team have uncovered a new Astaroth Trojan campaign that is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules. According to the experts, LOLbins are very effecting in evading antivirus software.

Antivirus 111

Antivirus Passwords Malware Advertising 111

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus 111

Antivirus Advertising Software Internet 111

Security Affairs

OCTOBER 30, 2018

Windows Defender, the Windows built-in anti-malware tool, implemented the ability to run in a secure sandbox mode. Since antivirus and anti-malware tools run with the highest level of privileges to scan all parts of a computer for malicious code, it has become a desired target for attackers. Pierluigi Paganini.

Antivirus 109

Antivirus Advertising Malware Software 109

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan.

Malware 138

Malware Banking Mobile Advertising 138

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com via Domaintools.com shows the domain was assigned in 2015 to a company called “ Shanghai Blazefire Network Technology Co. com 2015-03-09 GODADDY.COM, LLC.

Mobile 279

Mobile Technology Manufacturing Malware 279

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. Each report includes a detailed “malware descriptions, suggested response actions, and recommended mitigation techniques.” Pierluigi Paganini.

Malware 144

Malware Passwords Advertising Antivirus 144

CyberSecurity Insiders

JUNE 17, 2021

And information is out that the campaign could have started by a hacking group dubbed Ferocious Kitten that has been active since 2015 and was conducting spying through a highly sophisticated malware named MarkiRAT. . Why the malware spreading hackers are targeting only Persian-speaking people is yet to be revealed to the public.

Malware 118

Malware Surveillance Antivirus Hacking 118

Security Affairs

SEPTEMBER 22, 2018

The Latvian expert Ruslans Bondars (37), who developed and run the counter antivirus service Scan4You has been sentenced to 14 years in prison. Scan4you is a VirusTotal like online multi-engine antivirus scanning service that could be used by vxers to test evasion abilities of their malware against the major antiviruses.

Malware 111

Malware Antivirus Retail Advertising 111

Security Affairs

FEBRUARY 24, 2020

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. Figure 1: Lampion malware email templates. 2020-02-13] #Lampion v2 #portugal #malware #ATA 0998f6473004e0ba54ead5784ba62db8 h}//vrau-x.s3.us-east-2.amazonaws.[com/0.zip zip h//oiurx14x.s3.us-east-2.amazonaws.}com/P-14-7.dll

Malware 122

Malware Banking Antivirus Advertising 122

Malwarebytes

NOVEMBER 16, 2021

This remote access Trojan (RAT) was first discovered in infected Windows computers in 2017 by the Indian Computer Emergency Response Team (CERT-IN), but it has been active since at least 2015. CERT-IN had described GravityRAT as “unlike most malware, which are designed to inflict short term damage.

Malware 142

Malware Encryption Media Marketing 142

Security Affairs

OCTOBER 11, 2018

ESET researchers have spotted a new strain of malware tracked as Exaramel that links the dreaded not Petya wiper to the Industroyer ICS malware. A few months ago, researchers from ESET discovered a new piece of malware that further demonstrates the existence of a link between Industroyer and the NotPetya wiper.

Malware 111

Malware Passwords Advertising Antivirus 111

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The Agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware. ” reads the CISA’s advisory. .”

Malware 115

Malware Passwords Advertising Antivirus 115

Security Affairs

AUGUST 26, 2019

A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. The popular malware researcher Vitali Kremez discovered that the Nemty ransomware uses an unusual name for the mutex object, “hate.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 111

Ransomware Malware Antivirus Encryption 111

Security Affairs

AUGUST 23, 2020

Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even if they are flagged and “malicious” by antivirus software as malicious. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Google Drive).

Malware 145

Malware Phishing Advertising Antivirus 145

Krebs on Security

MAY 16, 2019

Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name. Prosecutors say Nikolov, a.k.a.

Cybercrime 235

Cybercrime Banking Small Business Computers and Electronics 235

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 137

Malware Hacking Government Telecommunications 137

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. At the time, North Korea-linked Lazarus APT group leveraged for the first time on a MacOS variant of the Fallchill malware.

Cryptocurrency 111

Cryptocurrency Malware Advertising Antivirus 111

Webroot

MARCH 12, 2025

Many hard drives fail in less than three years , and its been found that the newer drives have shorter lifespans than those manufactured before 2015. This can be caused by software bugs, hardware failures, viruses and malware , resulting in system crashes or data corruption.

Backups 91

Backups Encryption Antivirus Data preservation 91

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. SecurityAffairs – malware, Coronavirus).

Phishing 144

Phishing Malware Spyware DDOS 144

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters. Image: Facebook.

Software 320

Software Phishing Cybercrime Accountability 320

Security Affairs

SEPTEMBER 2, 2020

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. ” reads the report. ” concludes ESET.

Cryptocurrency 144

Cryptocurrency Antivirus Malware Advertising 144

The Last Watchdog

JUNE 21, 2020

File encryption 2013 – 2015. Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. RaaS rollout 2015 – 2018. Crypt0L0cker, and TorrentLocker.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

MARCH 29, 2019

Malware researchers at Cybaze-Yoroi ZLAB team dissected a new sample of Qrypter malware that revealed an interesting evolution of the threat. This attachment has been dissected by Cybaze-Yoroi ZLAB team, revealing an interesting evolution of the Qrypter malware threat. Malware stacktrace. Introduction. Technical Analysis.

Malware 111

Malware Encryption Advertising Engineering 111

Security Affairs

JANUARY 31, 2020

Emotet , the most widespread malware worldwide and Ryuk , a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. This study also concludes that a total of 377 Portuguese domains to spread different types of malware in the same period. SecurityAffairs – malware, hacking).

Malware 143

Malware Advertising Retail Antivirus 143

Krebs on Security

APRIL 3, 2024

In May 2015, KrebsOnSecurity published a brief writeup about the brazen Manipulaters team, noting that they openly operated hundreds of web sites selling tools designed to trick people into giving up usernames and passwords, or deploying malicious software on their PCs. ” A number of questions, indeed.

Phishing 302

Phishing Cybercrime Malware Advertising 302

eSecurity Planet

APRIL 22, 2025

Malware hidden in plain sight Whats particularly alarming about this campaign is the attackers use of legitimate antivirus software to carry out their crimes. In 2015, Palo Alto Networks exposed its operations , linking it to over 50 attacks in three years.

Government 58

Government Malware Antivirus Software 58

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. It remains unclear how many individuals were active in the core GandCrab malware development team. of GandCrab.

Ransomware 279

Ransomware Accountability Cybercrime Passwords 279

Security Affairs

APRIL 10, 2019

Decades of adversarial coevolution with the Anti-Virus industry led the malware threats to develop the ability to evade detection, bypassing security boundaries and staying silent until the proper time. This battle, against malware, is huge. Yomi: The Malware Hunter” main interface. The Malware Hunter. For fun and profit.

Malware 110

Malware Encryption Engineering Advertising 110

Security Affairs

FEBRUARY 1, 2019

Security experts at Cybaze – Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”. Figure 3 – Piece of VBS script that starts malware infection. DLL Analysis.

Malware 109

Malware DNS Social Engineering Advertising 109

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com via Domaintools.com shows the domain was assigned in 2015 to a company called “ Shanghai Blazefire Network Technology Co. com 2015-03-09 GODADDY.COM, LLC.

Mobile 189

Mobile Technology Manufacturing Software 189