Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency 102

Cryptocurrency Phishing Accountability Passwords 102

Security Affairs

JUNE 5, 2019

A new piece of malware appeared in the threat landscape, dubbed BlackSquid it targets web servers with several exploits to deliver cryptocurrency miners. The new piece of malware leverages many exploits to compromise target systems and implements evasion techniques to avoid detection. ” states Trend Micro.

Cryptocurrency 63

Cryptocurrency Malware Advertising Hacking 63

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 98

Cryptocurrency Banking Hacking Accountability 98

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. CVE-2019-11707 is a type confusion vulnerability in Array.pop.

Cryptocurrency 74

Cryptocurrency Malware Advertising Passwords 74

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.

Malware 117

Malware Advertising Government Cryptocurrency 117

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. The infection chain. Twitter @Slvlombardo.

Malware 97

Malware Computers and Electronics Encryption Ransomware 97

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. Subsequent analysis revealed earlier instances of suspicious code dating back to 2017.

Malware 107

Malware DNS Encryption Cryptocurrency 107

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. The Monero cryptocurrency miner uses a worm module (Systemctl.exe) dubbed PsMiner written in the Go language which includes exploit modules used to hack into vulnerable servers.

Malware 77

Malware Cryptocurrency Advertising Passwords 77

Digital Shadows

JUNE 7, 2021

It’s been a pretty big year so far for cryptocurrency. Cryptocurrencies’ current total market cap sits just above $1.7 The cryptocurrency exchange Coinbase recently launched an IPO, India has reversed a ban on cryptocurrencies, and ransomware groups continue to demand payment in anonymity-based cryptocurrency.

Cryptocurrency 52

Cryptocurrency Phishing Advertising Antivirus 52

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. ” reads the post published by Sophos.

Malware 139

Malware Authentication Passwords Internet 139

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA. .

Marketing 237

Marketing Energy and Utilities Malware Ransomware 237

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” million in cryptocurrency through this program. trillion won ($1.2

Cryptocurrency 128

Cryptocurrency Cybercrime Media Government 128

Security Affairs

MARCH 28, 2019

Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported.

Banking 89

Banking Cryptocurrency Mobile Advertising 89

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. Interestingly enough, the share of adware attacks increased in relation to mobile malware in general. They typically work with malware developers to achieve this.

Mobile 132

Mobile Malware Adware Banking 132

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency 57

Cryptocurrency Risk Marketing Architecture 57

Malwarebytes

APRIL 11, 2022

Security researchers at Cado Security, a cybersecurity forensics company, recently discovered the first publicly-known malware targeting Lambda , the serverless computing platform of Amazon Web Services (AWS). The malware’s name is inspired by the domain the threat actors behind the cryptominer communicate with. Use TLS 1.2

Malware 85

Malware Accountability Encryption Software 85

Security Affairs

APRIL 12, 2019

Hackers are using the EternalBlue exploit and leveraging advantage of Living off the Land ( LotL ) obfuscated PowerShell-based scripts to deliver malware and a Monero cryptocurrency. “The malware also uses the pass the hash method, wherein it authenticates itself to remote servers using the user’s hashed password.

Malware 77

Malware Cryptocurrency Passwords Advertising 77

Dark Reading

MARCH 12, 2018

Cryptocurrency mining and ransomware were other major threats.

Cryptocurrency 56

Cryptocurrency Malware Ransomware 56

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection. “Levashov provided the Kelihos malware to Crypt4U personnel for crypting before distributing it to his victims.

Antivirus 102

Antivirus Malware Cryptocurrency Software 102

SC Magazine

FEBRUARY 17, 2021

billion in currency and cryptocurrency and further other strategic interests for the North Korean government. The charges captures years-worth of North Korean hacking, including the widely publicized 2014 Sony hack, the 2016 hack of the Central Bank of Bangladesh, the 2017 WannaCry ransomware attack and others.

Hacking 103

Hacking Cryptocurrency Banking Malware 103

CyberSecurity Insiders

FEBRUARY 8, 2021

And an official confirmation says that the attack was launched by notorious North Korean Lazarus hacking group that is known for its social engineering attacks such as the Wannacry 2017. And all the expenses are borne by the Kim Jung UN led nation who steals cryptocurrency to fund its nuclear programs.

Ransomware 134

Ransomware Social Engineering Cryptocurrency Cybercrime 134

Security Affairs

FEBRUARY 11, 2019

Security researcher Lukas Stefanko from ESET discovered the first Android cryptocurrency clipboard hijacker impersonating MetaMask on the official Google Play store. “This dangerous form of malware first made its rounds in 2017 on the Windows platform and was spotted in shady Android app stores in the summer of 2018.

Cryptocurrency 82

Cryptocurrency Mobile Advertising Malware 82

SecureWorld News

MARCH 16, 2023

Cryptocurrency has become a popular way to conduct transactions online, but it has also become a popular tool for cybercriminals. One of the ways they have been able to use crypto to their advantage is through the use of cryptocurrency mixers. One of the largest cryptocurrency mixers in the world is, or rather was , ChipMixer.

Cryptocurrency 72

Cryptocurrency Identity Theft Marketing Cybercrime 72

Malwarebytes

SEPTEMBER 19, 2023

Cryptocurrency investigators use specialized strategies to track down criminals. Although cryptocurrency is anonymous, that doesn't mean it's untraceable. During their active period (2017 - 2021), more than 600 victims worldwide were extorted, some of them up to double-digit millions. Prevent intrusions. Detect intrusions.

Ransomware 117

Ransomware Backups Cryptocurrency Cybercrime 117

Security Affairs

JULY 29, 2018

New Underminer exploit kit delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. “Underminer delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency-mining malware named Hidden Mellifera.” Pierluigi Paganini.

Cryptocurrency 45

Cryptocurrency Advertising Malware Encryption 45

Security Affairs

JULY 21, 2022

The gang focuses on infecting cloud hosts to deploy cryptocurrency miners by exploiting known vulnerabilities and conducting brute-force attacks. IRC Botnet malware and miner download/configuration and remediation persistence. Tsunami IRC Botnet malware sample validation and connectivity. PwnRig cryptocurrency miner execution.

Cryptocurrency 90

Cryptocurrency Malware Internet Internet 90

Security Affairs

JULY 30, 2018

Security experts from Kaspersky Lab have spotted a new cryptocurrency miner dubbed PowerGhost that can spread leveraging a fileless infection technique. “The malware, which we dubbed PowerGhost, is capable of stealthily establishing itself in a system and spreading across large corporate networks infecting both workstations and servers.”

Cryptocurrency 44

Cryptocurrency DDOS Advertising Malware 44

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency 48

Cryptocurrency Passwords Authentication Accountability 48

Security Affairs

JANUARY 31, 2021

The Rocke group is using a new piece of cryptojacking malware dubbed Pro-Ocean to target Apache ActiveMQ, Oracle WebLogic, and Redis installs. The cybercrime group Rocke is using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable Apache ActiveMQ, Oracle WebLogic, and Redis intalls.

Malware 84

Malware Cryptocurrency Firewall Cybercrime 84

Security Affairs

JUNE 22, 2021

Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Both PurpleFox and DirtyMoe are still active malware and gaining strength.”

DNS 128

DNS Cryptocurrency Internet Internet 128

Security Affairs

JUNE 4, 2021

Researchers noticed that malware authors have added multiple exploits for over 10 different web applications and the SMB protocol. Talos experts noticed that a version released on May 18 included Python versions of EternalBlue ( CVE-2017-0144 ) and EternalRomance ( CVE-2017-0147 ) exploits with a Windows download command line as the payload.

Malware 114

Malware Passwords DDOS IoT 114

CyberSecurity Insiders

AUGUST 22, 2022

According to French Government Centre for Combating Digital Crime (C3N) the demand has been placed in dollars and that needs to reach the hackers in cryptocurrency. The CHSF Hospital Centre in Corbeil-Essonne’s, Paris, is the victim that is in discussion and the computer attack is said to have taken place on Saturday night last week.

Ransomware 106

Ransomware Healthcare Cryptocurrency Cyber Attacks 106

Security Affairs

OCTOBER 26, 2022

Kaye laundered cryptocurrency obtained from the illegal The Real Deal operation through the mixing service Bitmixer.io. Kaye made a name for himself as the developer and seller of the GovRAT malware that his “customers” used to hack U.S. ’s National Crime Agency (NCA) in February 2017. Kaye was arrested by U.K.’s

Marketing 87

Marketing Government Hacking Accountability 87

Security Affairs

JANUARY 14, 2022

The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The researchers are not aware of the compromise of these companies.

Cryptocurrency 93

Cryptocurrency Banking Passwords Malware 93

Security Affairs

AUGUST 30, 2020

The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns conducted by North Korea-linked APT groups against two cryptocurrency exchanges. In the second attack, threat actors stole $2.5

Cryptocurrency 116

Cryptocurrency Hacking Advertising Accountability 116

CyberSecurity Insiders

APRIL 17, 2022

US Treasury has endorsed the news and tagged it as one of the biggest cryptocurrency heists of all time. Gamers on Axie can earn cryptocurrency for playing and winning games and selling their avatars. Highly placed sources say that the steal of funds was made to find the nuclear ambitions of Kim Jong UN.

Cryptocurrency 104

Cryptocurrency Government Education Cyber Attacks 104