2015, Hacking, Information Security and Malware

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Security Affairs

MAY 11, 2021

Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. revealed that the XcodeGhost malware impacted 128 million iOS users. SecurityAffairs – hacking, Apple). Documents provided in a court case that sees Epic Games v. ” reported Arstechnica.

Malware

Malware Hacking Mobile Passwords

Putin proposes new information security collaboration to US, including no-hack pact for election

Security Affairs

SEPTEMBER 28, 2020

Putin is proposing a new cyber security collaboration with the United States, including a no-hack pact for the upcoming Presidential election. A special responsibility for its prevention lies on the key players in the field of ensuring international information security (IIS).” SecurityAffairs – hacking, Putin).

Information Security

Information Security Hacking Advertising Government

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

Security Affairs

OCTOBER 22, 2020

The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. “This cyber-attack targeted the parliament’s information system and affected its ability to operate for several days. .” SecurityAffairs – hacking, Bundestag).

Hacking

Hacking Cyber Attacks Identity Theft Government

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs). Cisco Talos researchers tracked the campaign as Operation Blacksmith, the nation-state actors are employing at least three new DLang -based malware families.

Malware

Malware Data collection Manufacturing Healthcare

Naikon APT is flying under the radar since 2015

Security Affairs

MAY 7, 2020

” The activity of the group was detailed in a report published by Kaspersky in 2015, but in the last five years, the group drastically changed its modus operandi to go silent. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. SecurityAffairs – Naikon, hacking).

Government

Government Advertising Technology Hacking

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

File encryption 2013 – 2015. Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. RaaS rollout 2015 – 2018. Crypt0L0cker, and TorrentLocker.

Ransomware

Ransomware Hacking Encryption Penetration Testing

3 hacking forums have been hacked and database have been leaked online

Security Affairs

MAY 25, 2020

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums. The databases appear to have been leaking in May 2020.

Hacking

Hacking Data breaches Advertising Cybercrime

Enigma info-stealing malware targets the cryptocurrency industry

Security Affairs

FEBRUARY 13, 2023

Alleged Russian threat actors have been targeting cryptocurrency users in Eastern Europe with Enigma info-stealing malware. A malware campaign conducted by alleged Russian threat actors has been targeting users in Eastern European in the crypto industry. ” continues the report. Stolen data are exfiltrated through Telegram.

Cryptocurrency

Cryptocurrency Malware Media Phishing

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware

Malware Cybercrime Banking Hacking

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. GravityRAT is a malware strain known for checking the CPU temperature of Windows computers to avoid being executed in sandboxes and virtual machines. SecurityAffairs – hacking, GravityRAT ).

Malware

Malware Computers and Electronics Spyware Advertising

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware

Malware Cryptocurrency Advertising Accountability

North Korea-linked Andariel APT used a new malware named EarlyRat last year

Security Affairs

JUNE 29, 2023

North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year.

Malware

Malware Cybercrime Phishing Internet

Romanians arrested for running underground malware services

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. DataProtector was launched in 2015, while CyberScan was launched in 2019. Pierluigi Paganini.

Malware

Malware Antivirus Cybercrime Software

Author Q&A: In modern cyberwarfare ‘information security’ is one in the same with ‘national security’

The Last Watchdog

AUGUST 16, 2021

Meanwhile, nation-states — the superpowers and second-tier nations alike — are hotly pursuing strategic advantage by stealing intellectual property, hacking into industrial controls, and dispersing political propaganda at an unheard-of scale. And in 2015 President Obama raised the issue with President Xi.

Information Security

Information Security Government Artificial Intelligence Encryption

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

JUNE 20, 2022

German investigators believe that Kozachek is a member of the Russia-linked APT28 group (aka Fancy Bear), which is the same group that hacked the German Bundestag in 2015. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. SecurityAffairs – hacking, APT28).

Hacking

Hacking Accountability Malware Cybersecurity

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Taiwan). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Hacking Accountability Advertising

Is the Abaddon RAT the first malware using Discord as C&C?

Security Affairs

OCTOBER 25, 2020

Researchers from MalwareHunterTeam have spotted a new piece of remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The Abaddon malware connects to the Discord command and control server to check for new commands to execute. "Abaddon"

Malware

Malware Advertising Ransomware Encryption

Hackers use hackers spreading tainted hacking tools in long-running campaign

Security Affairs

MARCH 10, 2020

Who is hacking the hackers? Experts from Cybereason a mysterious hackers group is targeting other hackers by spreading tainted hacking tools. Experts from security firm Cybereason warn of a mysterious group of hackers that are distributing trojanized hacking tools on an almost daily basis for the past years.

Hacking

Hacking Malware Advertising DNS

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware

Malware Hacking Government Telecommunications

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Malware

Malware DDOS IoT Cybercrime

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. The attackers may have gained access to some users’ login credentials after deploying malware on both websites. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Hacking Telecommunications Passwords

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group.

Malware

Malware Advertising IoT Government

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

The Payment solutions giant Edenred disclosed a malware incident that affected some of its computing systems, it immediately started an investigation. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Pierluigi Paganini.

Malware

Malware Mobile Advertising Government

USCYBERCOM shares five new North Korea-linked malware samples

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. SecurityAffairs – North Korea, hacking).

Malware

Malware Advertising Government Cryptocurrency

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking

Banking Malware Advertising Passwords

US Treasury imposes sanctions on a Russian research institute behind Triton malware

Security Affairs

OCTOBER 24, 2020

US Treasury Department announced sanctions against Russia’s Central Scientific Research Institute of Chemistry and Mechanics behind Triton malware. The US Treasury Department announced sanctions against a Russian research institute for its alleged role in the development of the Triton malware. ” continues the press release.

Malware

Malware Government Hacking Cyber Attacks

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

Thousands of Magento stores hacked in a few days in largest-ever skimming campaign

Security Affairs

SEPTEMBER 14, 2020

Thousands of Magento online stores have been hacked over the past few days as part of the largest ever skimming campaign. Security experts from cybersecurity firm Sansec reported that nearly 2,000 Magento online stores have been hacked over the past few days as part of the largest ever Magecart-style campaign.

Hacking

Hacking Advertising Malware Software

Malware campaign employs fake security certificate updates

Security Affairs

MARCH 5, 2020

Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. We have already observed threat actors distributing malware masqueraded by legitimate software updates. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Software Phishing

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). “Absolutely all servers and working computers of the company are hacked and encrypted. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Ransomware Advertising Encryption

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware

Malware Ransomware Advertising Encryption

Malware campaign attempts to evade analysis with Any.Run sandbox

Security Affairs

JULY 13, 2020

Malware authors are implementing the capability to check if their malicious code is running in the Any.Run malware analysis service. Vxers are implementing the capability to check if their malware is running in the Any.Run interactive online malware sandbox to prevent them from being analyzed by experts. ’ and exit.

Malware

Malware Advertising Passwords Hacking

XcodeSpy Mac malware targets Xcode Developers with a backdoor

Security Affairs

MARCH 18, 2021

Unknown threat actors have been using a new XcodeSpy Mac malware to target software developers who use Apple’s Xcode integrated development environment. “The malware installs a user LaunchAgent for persistence and is able to record information from the victim’s microphone, camera, and keyboard.” Pierluigi Paganini.

Malware

Malware Mobile Internet Internet

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. SecurityAffairs – Dharma ransomware, malware). Pierluigi Paganini.

Ransomware

Ransomware Hacking Advertising Malware

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. ” The Korean Hackers group recently hacked Indian video on demand giant ZEE5 attackers and threatened to sell the database on the cybercrime underground markets. .

Media

Media Hacking Passwords Data breaches

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

A new version of the REMnux Linux toolkit for malware analysts is available for download, it includes a huge set of tools for professionals. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

Malware

Malware Advertising Software Engineering

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware.

Malware

Malware Scams Social Engineering Phishing

FBI arrested a Russian national for recruiting employee of US firm to plant malware

Security Affairs

AUGUST 26, 2020

after attempting to recruit an employee at a targeted company to plant a malware. US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after attempting to recruit an employee at a targeted company to plant a piece of malware. “He explained the malware attacks the systems in two ways.

Malware

Malware DDOS Advertising Hacking

Crooks use weaponized coronavirus map to deliver malware

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware

Malware Advertising Passwords Cryptocurrency

Emotet malware employed in fresh COVID19-themed spam campaign

Security Affairs

AUGUST 15, 2020

The Emotet malware has begun to spam COVID19-themed emails to U.S. The infamous Emotet malware is back, operators have begun to spam COVID-19 themed emails to the U.S. Early this year, the Emotet malware was employed in spam COVID19-themed campaigns that targeted those countries that were already affected by the pandemic.

Malware

Malware Advertising Phishing Hacking

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . The experts were alerted about the malware in October and immediately launched an investigation.

Malware

Malware Firmware Advertising Manufacturing

Australian Signals Directorate (ASD) is hacking crooks behind Coronavirus-themed attacks

Security Affairs

APRIL 9, 2020

The Australian government will use any means to crack down on cybercriminals exploiting the coronavirus outbreak, including hacking back. “Some of these cyber criminals have even posed as health officials in an attempt to exploit vulnerable Australians, by infecting their computers with malware and stealing their private information.

Hacking

Hacking Consumer Protection Advertising Government

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way! How to hack IoT & RF Devices with BürtleinaBoard. Despite FocacciaBoard is extremely useful during my night-to-night hardware hacking needs… there is another set of tools I cannot live without: pin enumeration ones. UART, JTAG, SWD, SPI, I2C).

IoT

IoT Hacking Firmware Advertising

Carbanak malware returned in ransomware attacks

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Webinars

Trending Sources

Putin proposes new information security collaboration to US, including no-hack pact for election

Webinars

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Naikon APT is flying under the radar since 2015

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

3 hacking forums have been hacked and database have been leaked online

Enigma info-stealing malware targets the cryptocurrency industry

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

GravityRAT malware also targets Android and macOS

New MrbMiner malware infected thousands of MSSQL DBs

North Korea-linked Andariel APT used a new malware named EarlyRat last year

Romanians arrested for running underground malware services

Author Q&A: In modern cyberwarfare ‘information security’ is one in the same with ‘national security’

Russian APT28 hacker accused of the NATO think tank hack in Germany

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Is the Abaddon RAT the first malware using Discord as C&C?

Hackers use hackers spreading tainted hacking tools in long-running campaign

Purple Lambert, a new malware of CIA-linked Lambert APT group

EnemyBot malware adds new exploits to target CMS servers and Android devices

SFO discloses data breach following the hack of 2 of its websites

FBI and NSA joint report details APT28’s Linux malware Drovorub

Payment solutions giant Edenred announces malware infection

USCYBERCOM shares five new North Korea-linked malware samples

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

US Treasury imposes sanctions on a Russian research institute behind Triton malware

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Thousands of Magento stores hacked in a few days in largest-ever skimming campaign

Malware campaign employs fake security certificate updates

REvil ransomware gang hacked gaming firm Gaming Partners International

New MATA Multi-platform malware framework linked to NK Lazarus APT

Malware campaign attempts to evade analysis with Any.Run sandbox

XcodeSpy Mac malware targets Xcode Developers with a backdoor

Source code of Dharma ransomware now surfacing on public hacking forums

Asian media firm E27 hacked, attackers asked for a “donation”

REMnux 7, a Linux toolkit for malware analysts released

New Coronavirus-themed malspam campaign delivers FormBook Malware

FBI arrested a Russian national for recruiting employee of US firm to plant malware

Crooks use weaponized coronavirus map to deliver malware

Emotet malware employed in fresh COVID19-themed spam campaign

QSnatch malware infected over 62,000 QNAP NAS Devices

Australian Signals Directorate (ASD) is hacking crooks behind Coronavirus-themed attacks

Hacking IoT & RF Devices with BürtleinaBoard

Stay Connected