2017, Cryptocurrency, DNS and Internet - Cyber Security Informer

Who’s Behind the NetWire Remote Access Trojan?

Krebs on Security

MARCH 9, 2023

The site’s true WHOIS registration records have always been hidden by privacy protection services, but there are plenty of clues in historical Domain Name System (DNS) records for WorldWiredLabs that point in the same direction. A review of DNS records for both printschoolmedia[.]org DNS records for worldwiredlabs[.]com

DNS

DNS Cybercrime Passwords Accountability

The BlueNoroff cryptocurrency hunt is still on

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Instead, they can rely on regular macro-enabled documents or older exploits.

Cryptocurrency

Cryptocurrency Malware Accountability Banking

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The module that implements the warm capabilities was spotted scanning the internet and performing password brute-force attacks against Windows systems with SMB port open online.

DNS

DNS Cryptocurrency Internet Internet

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

StripedFly: Perennially flying under the radar

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. Subsequent analysis revealed earlier instances of suspicious code dating back to 2017.

Malware

Malware DNS Encryption Cryptocurrency

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The hackers were able to change the Domain Name System (DNS) records for the transaction brokering site escrow.com so that it pointed to an address in Malaysia that was host to just a few other domains, including the then brand-new phishing domain servicenow-godaddy[.]com.

Hacking

Hacking Social Engineering Phishing Scams

LimeRAT spreads in the wild

Security Affairs

APRIL 9, 2019

LimeRAT is a powerful Remote Administration Tool publicly available to any internet user, it is an open-source project freely available on Github. Stealer and CryptoStealer module to steal cryptocurrency wallets and saved passwords. Evasive startup methods (fileless) to avoid AV detection. Keylogger module Backdoor and RDP access.

Malware

Malware Advertising DNS Antivirus

The Hacker Mind Podcast: Scanning the Internet

ForAllSecure

NOVEMBER 2, 2021

éveillé from ESET joins The Hacker Mind podcast to talk about the challenges of building his own internet scanner to scan for elusive malware. What if you were dialed the entire Internet? But to find that information back in 2014, he had to scan the Internet, the entire internet and that was a very noisy process.

Internet

Internet Internet Malware Authentication

DDoS attacks in Q4 2021

SecureList

FEBRUARY 10, 2022

The bot infiltrated the devices through the CVE-2017-6079 vulnerability, which allows execution of arbitrary commands. In some cases, DNS amplification was also used. Like CVE-2017-6079, this vulnerability allows attackers to execute arbitrary commands. For instance, Moobot added a relatively fresh vulnerability to its arsenal.

DDOS

DDOS Cryptocurrency Marketing Accountability

Kaspersky Security Bulletin 2020-2021. EU statistics

SecureList

MAY 26, 2021

70% of Internet user computers in the EU experienced at least one Malware-class attack. On average, 13.70% of Internet user computers in the EU experienced at least one Malware-class attack during the reporting period. Exploit.MSOffice.CVE-2017-11882.gen. Main figures. Countries that are sources of web-based attacks.

Phishing

Phishing Malware Ransomware Adware

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

In 2017, more than 300,000 WordPress websites were affected by a malicious plugin that allowed an attacker to place embedded hidden links on victim websites. with no internet. CISA reported that LokiBot “employs Trojan malware to steal sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials.”

Malware

Malware Adware Spyware Antivirus

IT threat evolution in Q3 2022. Non-mobile statistics

SecureList

NOVEMBER 18, 2022

The former threatened files accessible from the internet over SMB protocol and protected by a weak account password. Threats that target NAS remain prominent, so we recommend keeping these devices inaccessible from the internet to ensure maximum safety of your data. Local threats.

Mobile

Mobile Malware Ransomware IoT

Cyber Security Informer

Who’s Behind the NetWire Remote Access Trojan?

The BlueNoroff cryptocurrency hunt is still on

Trending Sources

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

StripedFly: Perennially flying under the radar

When Low-Tech Hacks Cause High-Impact Breaches

LimeRAT spreads in the wild

The Hacker Mind Podcast: Scanning the Internet

DDoS attacks in Q4 2021

Kaspersky Security Bulletin 2020-2021. EU statistics

Types of Malware & Best Malware Protection Practices

IT threat evolution in Q3 2022. Non-mobile statistics

Stay Connected