2015, Encryption, Malware and Passwords

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware

Malware Passwords Encryption Advertising

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines. SecurityAffairs – STOP ransomare , malware).

Encryption

Encryption Ransomware Cryptocurrency Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The History of Computer Viruses & Malware

eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware

Malware Ransomware Antivirus Internet

Dridex malware, the banking trojan

CyberSecurity Insiders

MARCH 28, 2023

The malware is primarily used to steal sensitive information, such as login credentials and financial information, from victims. The Dridex malware typically spreads through spam email campaigns, with the emails containing a malicious attachment or link that, when clicked, will install the malware on the victim's computer.

Banking

Banking Malware Backups Education

Tedrade banking malware families target users worldwide

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules. ” continues Kaspersky.

Banking

Banking Malware Phishing Advertising

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. used the password 225948. Dmitry Yuryevich Khoroshev. Image: treasury.gov. On May 7, the U.S. and admin@stairwell.ru

Ransomware

Ransomware Cybercrime Accountability Malware

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware

Malware Scams Social Engineering Phishing

DeathRansom ransomware evolves encrypting files, but experts identified its author

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ru website. ” continues the report. .

Encryption

Encryption Ransomware Malware Scams

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS.

Malware

Malware Firmware Advertising Manufacturing

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The Taiwanese vendor QNAP urges its users to update the Malware Remover app following the alert on the QSnatch malware. The Taiwanese company QNAP is urging its users to update the Malware Remover app to prevent NAS devices from being infected by the QSnatch malware. Webshell functionality for remote access.

Malware

Malware Advertising Passwords Manufacturing

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked.

Ransomware

Ransomware Hacking Encryption Penetration Testing

SILENTFADE a long-running malware campaign targeted Facebook AD platform

Security Affairs

OCTOBER 3, 2020

Facebook shared details about a long-running ad-fraud campaign that’s been ongoing since 2016 targeting Facebook users with SilentFade malware. The social network giant revealed that malware has a Chinese origin and allowed hackers to siphon $4 million from users’ advertising accounts. .

Malware

Malware Advertising Accountability Authentication

Experts developed a free decryptor for the Lorenz ransomware

Security Affairs

JUNE 29, 2021

Like other ransomware gangs, Lorenz operators also implement double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom. Lorenz sends the name of the infected system to a C2 before encrypting the file. Lorenz places a header before the encrypted file instead.

Ransomware

Ransomware Encryption Passwords Malware

Fbot malware targets HiSilicon DVR/NVR Soc devices

Security Affairs

FEBRUARY 24, 2019

The Fbot malware was first discovered by 360Netlab researchers, according to the experts, the root problem might be a specific OEM application running on top of the HiSilicon devices. “ After that, Fbot Loader (185.61.138.13) logs in to the target device web port through the device default password “admin/empty password”.

Malware

Malware Passwords Advertising Manufacturing

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

SEPTEMBER 6, 2020

Baka is a sophisticated e-skimmer developed by a skilled malware developer that implements a unique obfuscation method and loader. The skimmer loads dynamically to avoid static malware scanners and uses unique encryption parameters for each victim to obfuscate the malicious code.” ” reads the alert published by VISA.

eCommerce

eCommerce Malware Encryption Advertising

North Korea-linked malware ATMDtrack infected ATMs in India

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. ” reads the analysis published by Kaspersky.

Malware

Malware Banking Advertising Encryption

QSnatch malware already infected thousands of QNAP NAS devices

Security Affairs

NOVEMBER 4, 2019

Security experts warn of a new piece of malware dubbed QSnatch that already infected thousands of QNAP NAS devices worldwide. A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. Gather all usernames and passwords related to the device and sent them to the C2 server.

Malware

Malware Firmware Advertising Encryption

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

In this campaign, crooks are exploiting the interest in the Coronavirus (COVID-19) outbreak to deliver a couple of malware, the CoronaVirus Ransomware and the Kpot information-stealing Trojan. The website was distributing a file named WSHSetup.exe, it is the downloader for both the CoronaVirus Ransomware and the Kpot password-stealer.

Ransomware

Ransomware Cryptocurrency Advertising Passwords

Who’s Behind the RevCode WebMonitor RAT?

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising

Advertising Antivirus Software Malware

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. Encrypted threats spiked 167%, ransomware increased 105%, and 5.4 billion malware attacks were identified by the report. Also read: Mobile Malware: Threats and Solutions. Ransomware.

Backups

Backups Ransomware Firewall Malware

Top 10 Data Breaches of All Time

SecureWorld News

MARCH 24, 2022

What was compromised: names, email addresses, and passwords. A majority of the passwords were protected by the weak SHA-1 hashing algorithm, which resulted in 99% of the credentials being posted by LeakSource.com in 2016. They then gained access to a customer service database and uploaded malware to capture sensitive information.

Data breaches

Data breaches Passwords Accountability Government

RM3 – Curiosities of the wildest banking malware

Fox IT

MAY 4, 2021

In this post we provide some history, analysis and observations on this most pernicious family of banking malware targeting Oceania, the UK, Germany and Italy. Despite its long and rich history in the cyber-criminal underworld, the Gozi malware family is surrounded with mystery and confusion. Introduction.

Banking

Banking Malware Encryption Architecture

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

OCTOBER 17, 2018

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. At a first sight, the office document had an encrypted content available on OleObj.1 And why the attacker used an encrypted payload if the victim cannot open it? 1 and OleObj.2.

Malware

Malware Computers and Electronics Encryption Penetration Testing

Fuckunicorn ransomware targets Italy in COVID-19 lures

Security Affairs

MAY 27, 2020

The new ransomware was first spotted by the malware researcher JamesWT_MHT that shared samples with the malware community. Upon executing the malware it displays a fake Coronavirus Map from the Center for Systems Science and Engineering at Johns Hopkins University.

Ransomware

Ransomware Encryption Advertising Malware

8 Ways to Protect Yourself against Scams on Black Friday and Cyber Monday

Adam Levin

NOVEMBER 23, 2020

in 2015 when BBB began collecting data. Public Wi-Fi networks are not secure and can expose you to malware and hackers. It’s best to do your banking and shopping at home, but if you have to use public Wi-Fi, consider using a VPN (virtual private network) that encrypts your activity. Change your passwords. Bottom line.

Scams

Scams Banking Retail Consumer Protection

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

“Once an actor has infiltrated a network with Netwalker, a combination of malicious programs may be executed to harvest administrator credentials, steal valuable data, and encrypt user files. . Install and regularly update anti-virus or anti-malware software on all hosts. Use two-factor authentication with strong passwords.

Ransomware

Ransomware VPN Advertising Government

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

This type of malware attack is called a botnet attack. It’s powered by hundreds of bots carrying malware and infecting thousands of IoT devices simultaneously. Simple or reused passwords are still a problem. Instead, people come up with passwords that are comfortable. Malware, phishing, and web. Poor credentials.

IoT

IoT Cybersecurity Manufacturing Internet

The forum of the popular Albion Online game was hacked

Security Affairs

OCTOBER 19, 2020

A threat actor has breached the forum of Albion Online and stole usernames and password hashes from its database. On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords).” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Data breaches Passwords Advertising

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. Members of the E27 are recommended to change their password as soon as possible.

Media

Media Hacking Passwords Data breaches

Multi-platform Tycoon Ransomware employed in targeted attacks

Security Affairs

JUNE 5, 2020

.” The investigation revealed that attackers disabled the organization’s anti-malware solution using the ProcessHacker utility and changed the passwords for Active Directory servers locking out the victim from its systems. A separate encryption thread will be created for each item in the path list.”continues

Ransomware

Ransomware Encryption Malware Advertising

New strain of Ransomware infected over 100,000 PCs in China

Security Affairs

DECEMBER 4, 2018

Security experts reported a new strain of malware spreading in China, the malicious code rapidly infected over 100,000 PCs in just four days. “The document also steals information on tens of thousands of user passwords on platforms such as Taobao and Alipay.”

Ransomware

Ransomware Encryption Advertising Software

The Challenges Facing the Passwordless Future

eSecurity Planet

SEPTEMBER 25, 2022

In 2013, for example, the FIDO Alliance was created to solve the world’s password problem by replacing login technology. By 2015, Microsoft joined, and in 2020, Apple followed. Apple has also promised that passwords will be a thing of the past, and passkeys will become available for iOS 16. See the Top Password Managers.

Passwords

Passwords Password Management Authentication Technology

Victims of Pylocky ransomware can decrypt their files for free

Security Affairs

JANUARY 11, 2019

In this phase, the ransomware sends to the command and control server information on the encryption process, including a string that contains the Initialization Vector (IV) and a random password used by the ransomware to encrypt the files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Encryption Advertising Passwords

Commodity Malware Reborn: The AgentTesla “Total Oil” themed Campaign

Security Affairs

SEPTEMBER 20, 2019

Agent Tesla is a fully customizable password info-stealer offered as malware-as-a-service , many cyber criminals are choosing it as their preferred recognition tool. . Nowadays the Malware-As-A-Service is one of the criminal favorite ways to breach security perimeter. Agent Tesla is one of these “ commodity malware ”.

Malware

Malware Advertising Accountability Passwords

eCh0raix ransomware is back and targets QNAP NAS devices again

Security Affairs

JUNE 6, 2020

The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. encrypt extension to filenames of encrypted files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Manufacturing

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” Passwords associated with external authentication systems such as AD or LDAP are unaffected. ” concludes the report.

Firewall

Firewall Ransomware Passwords VPN

Moobot botnet is back and targets vulnerable D-Link routers

Security Affairs

SEPTEMBER 7, 2022

“As a variant, MooBot inherits Mirai’s most significant feature – a data section with embedded default login credentials and botnet configuration – but instead of using Mirai’s encryption key, 0xDEADBEEF, MooBot encrypts its data with 0x22.” ” At the time of the analysis, the C2 server was offline.

DDOS

DDOS Encryption Passwords Hacking

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

“Once the malicious document is opened, the malware is dropped and proceeds to the next stage of the deployment process. The ThreatNeedle malware used in this campaign belongs to a malware family known as Manuscrypt, which belongs to the Lazarus group and has previously been seen attacking cryptocurrency businesses.”

Malware

Malware Cryptocurrency Password Management Encryption

APT trends report Q3 2022

SecureList

NOVEMBER 1, 2022

Since the malware in this incident was compiled on April 15, 2021, and compilation dates are the same for all known samples, this incident is likely to be the first involving Maui ransomware. This report included technical details of malware used in the campaign, such as Ecipekac, SodaMaster, P8RAT, FYAnti and QuasarRAT.

Malware

Malware Ransomware Spyware Encryption

Ferocious Kitten: 6 years of covert surveillance in Iran

SecureList

JUNE 16, 2021

Ferocious Kitten is an APT group that since at least 2015 has been targeting Persian-speaking individuals who appear to be based in Iran. We were able to trace the implant back to at least 2015, where it also had variants intended to hijack the execution of the Telegram and Chrome applications as a persistence method. Background.

Surveillance

Surveillance Malware Password Management Passwords

Top 10 Data Breaches of All Time

SecureWorld News

DECEMBER 29, 2020

What was compromised: names, email addresses, and passwords. A majority of the passwords were protected by the weak SHA-1 hashing algorithm, which resulted in 99% of the credentials being posted by LeakSource.com in 2016. They then gained access to a customer service database and uploaded malware to capture sensitive information.

Data breaches

Data breaches Passwords Accountability Government

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Webinars

Trending Sources

STOP ransomware encrypts files and steals victim’s data

Webinars

The History of Computer Viruses & Malware

Dridex malware, the banking trojan

Tedrade banking malware families target users worldwide

How Did Authorities Identify the Alleged Lockbit Boss?

CDRThief Linux malware steals VoIP metadata from Linux softswitches

New Coronavirus-themed malspam campaign delivers FormBook Malware

DeathRansom ransomware evolves encrypting files, but experts identified its author

QSnatch malware infected over 62,000 QNAP NAS Devices

QNAP urges users to update Malware Remover after QSnatch joint alert

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

SILENTFADE a long-running malware campaign targeted Facebook AD platform

Experts developed a free decryptor for the Lorenz ransomware

Fbot malware targets HiSilicon DVR/NVR Soc devices

Raccoon Malware, a success case in the cybercrime ecosystem

Visa warns of new sophisticated credit card skimmer dubbed Baka

North Korea-linked malware ATMDtrack infected ATMs in India

QSnatch malware already infected thousands of QNAP NAS devices

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Who’s Behind the RevCode WebMonitor RAT?

What is a Cyberattack? Types and Defenses

Top 10 Data Breaches of All Time

RM3 – Curiosities of the wildest banking malware

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Fuckunicorn ransomware targets Italy in COVID-19 lures

8 Ways to Protect Yourself against Scams on Black Friday and Cyber Monday

FBI issued a flash alert about Netwalker ransomware attacks

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

The forum of the popular Albion Online game was hacked

Asian media firm E27 hacked, attackers asked for a “donation”

Multi-platform Tycoon Ransomware employed in targeted attacks

New strain of Ransomware infected over 100,000 PCs in China

The Challenges Facing the Passwordless Future

Victims of Pylocky ransomware can decrypt their files for free

Commodity Malware Reborn: The AgentTesla “Total Oil” themed Campaign

eCh0raix ransomware is back and targets QNAP NAS devices again

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Moobot botnet is back and targets vulnerable D-Link routers

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

APT trends report Q3 2022

Ferocious Kitten: 6 years of covert surveillance in Iran

Top 10 Data Breaches of All Time

Stay Connected