2017, Cybercrime, Hacking and Malware - Cyber Security Informer

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. ’s National Crime Agency , which saw success with a related campaign for six months starting in December 2017.

Cybercrime

Cybercrime DDOS Advertising Hacking

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking

Hacking Cybercrime Ransomware Government

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. is cybercrime forum.

Malware

Malware Cybercrime Ransomware Marketing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Cybercrime Statistics in 2019

Security Affairs

JANUARY 18, 2020

I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020. Cybercrime will cost as much as $6 trillion annually by 2021. The global expense for organizations to protect their systems from cybercrime attacks will continue to grow.

Cybercrime

Cybercrime Small Business Data breaches Mobile

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

APRIL 12, 2024

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. The security firm pointed out that this is the first TA547 group to use this malware family. The experts also discovered the attempts of using LLM in malware campaigns.

Malware

Malware Social Engineering Retail Engineering

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware

Malware Cryptocurrency Accountability Cybercrime

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Client-side attacks on the wane.

Cybercrime

Cybercrime Banking Malware Ransomware

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

It is interesting to note that the domain was also hosting malware a variant of the TrueBot malware. Truebot has been active since 2017 and some researchers linked it to the Russian Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). com, was registered on April 12, 2023.

Cybercrime

Cybercrime Software Education Ransomware

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Experts pointed out that the malware is being actively developed. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” SecurityAffairs – hacking, EnemyBot).

Malware

Malware DDOS IoT Cybercrime

IcedID malware campaign targets Zoom users

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. ” concludes the report.

Malware

Malware Phishing Banking Hacking

Two PoS Malware used to steal data from more than 167,000 credit cards

Security Affairs

OCTOBER 25, 2022

Researchers reported that threat actors used 2 PoS malware variants to steal information about more than 167,000 credit cards. Cybersecurity firm Group-IB discovered two PoS malware to steal data associated with more than 167,000 credit cards from point-of-sale payment terminals. MajikPOS is written using the “.NET

Malware

Malware Cybercrime Banking Marketing

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. SecurityAffairs – Dharma ransomware, malware). Pierluigi Paganini.

Ransomware

Ransomware Hacking Advertising Malware

Three North Korean hackers charged for financial and revenge-motivated hacks

SC Magazine

FEBRUARY 17, 2021

The Department of Justice has unsealed an indictment against three members of Lazarus Group for a wide range of financially-motivated hacks against private businesses that authorities said were designed to steal $1.3 The advisory contains technical analysis as well as indicators of compromise that security teams can use to detect the malware.

Hacking

Hacking Cryptocurrency Banking Malware

TheMoon bot infected 40,000 devices in January and February

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The activity of the TheMoon botnet was first spotted in 2014, and since 2017 its operators added to the code of the bot at least 6 IoT device exploits.

IoT

IoT Cybercrime Internet Internet

TinyNuke banking malware targets French organizations

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. Pierluigi Paganini.

Banking

Banking Malware Manufacturing Business Services

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. In 2017, U.S. According to cybersecurity firm Constella Intelligence , the address polkas@bk.ru

Marketing

Marketing Cybercrime Accountability Cryptocurrency

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. New cybercrime groups are also expected to start operations in Asia and Latin America. Attacks on Crypto.

Cybercrime

Cybercrime Hacking Banking Phishing

Lemon_Duck cryptomining malware evolves to target Linux devices

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. SecurityAffairs – hacking, Lemon_Duck).

Malware

Malware Authentication Passwords Internet

Ransomware attack on Brazil Nuclear Power Facility via Vulnerability

CyberSecurity Insiders

FEBRUARY 8, 2021

And an official confirmation says that the attack was launched by notorious North Korean Lazarus hacking group that is known for its social engineering attacks such as the Wannacry 2017. Note- Lazarus group aka Guardians of Peace is a Cybercrime group that is being funded by North Korean intelligence- as per US Intelligence.

Ransomware

Ransomware Social Engineering Cryptocurrency Cybercrime

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Security Affairs

SEPTEMBER 29, 2022

A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs at Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux.

Malware

Malware DDOS Architecture Financial Services

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

UK and US cybersecurity agencies linked Cyclops Blink malware to Russia’s Sandworm APT. US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. SecurityAffairs – hacking, CISA).

Malware

Malware Firmware Architecture Firewall

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams.

Phishing

Phishing Passwords Internet Internet

A Ukrainian man is the third FIN7 member sentenced in the United States

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime

Cybercrime Hacking Software Phishing

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket. ” The U.S.

Cybercrime

Cybercrime Ransomware Accountability Advertising

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Security Affairs

JUNE 12, 2019

The last time security experts documented the FIN8’s activities was in 2016 and 2017. FireEye documented obfuscation techniques used by the group in June 2017 and the involvement of PUNCHTRACK POS-scraping malware. “It is believed that the malware was deployed as a result of several phishing attempts.”

Hacking

Hacking Malware Advertising Retail

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware

Malware Ransomware Advertising Encryption

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. SecurityAffairs – hacking, Wannacry).

Malware

Malware Computers and Electronics Encryption Ransomware

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. In 2018, global malware volume recorded by SonicWall hit a record-breaking 10.52 Most of the attacks targeted non-standard ports and experts observed a spike in the number of encrypted malware.

IoT

IoT Encryption Malware Advertising

Tedrade banking malware families target users worldwide

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules. ” continues Kaspersky.

Banking

Banking Malware Phishing Advertising

The author of FastPOS PoS malware pleads guilty

Security Affairs

AUGUST 1, 2020

A 30-year-old Moldovan man pleaded guilty this week for creating the FastPOS malware that infected PoS systems worldwide. The Moldovan citizen Valerian Chiochiu (30), aka Onassis, pleaded guilty on Friday for creating the infamous FastPOS Point-of-Sale (POS) malware. SecurityAffairs – hacking, FastPOS). and infraud.ws.

Malware

Malware Advertising Cybercrime Hacking

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. SecurityAffairs – hacking, Ursnif). ” reads the analysis published by Proofpoint.

Malware

Malware Banking Social Engineering Retail

Crooks abuse website contact forms to deliver IcedID malware

Security Affairs

APRIL 10, 2021

Microsoft researchers spotted a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Security experts from Microsoft have uncovered a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. SecurityAffairs – hacking, IcedID malware).

Malware

Malware Banking Marketing Authentication

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N.

Cryptocurrency

Cryptocurrency Cybercrime Media Government

Marcus Hutchins pleads guilty to two counts of banking malware creation

Security Affairs

APRIL 20, 2019

British malware researcher Marcus Hutchins has pleaded guilty to developing and sharing the banking malware between July 2014 and July 2015. The popular British cybersecurity expert Marcus Hutchins has pleaded guilty to developing and sharing the Kronos banking malware between July 2014 and July 2015. Pierluigi Paganini.

Banking

Banking Malware Advertising Cybercrime

SynAck ransomware gang releases master decryption keys for old victims

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. “The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.” Pierluigi Paganini.

Ransomware

Ransomware Authentication Malware Hacking

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Security Affairs

DECEMBER 12, 2021

Russian national Oleg Koshkin was convicted in January for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection. Koshkin was arrested in California in September 2019 , while Tsurkan was arrested in April 2017. Pierluigi Paganini.

Antivirus

Antivirus Malware Cybercrime Cyber threats

More than 17,000 WordPress websites infected with the Balada Injector in September

Security Affairs

OCTOBER 12, 2023

In September more than 17,000 WordPress websites have been compromised by the Balada Injector malware. The Balada injector is a malware family that has been active since 2017. The malware supports multiple attack vectors and persistence mechanisms. The malware supports multiple attack vectors and persistence mechanisms.

Malware

Malware Hacking Accountability Cybercrime

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

Stolen data included corporate files and personal information Nissan refused to pay the ransom and the cybercrime group published the alleged stolen files. In December 2017, Nissan Finance Canada was hacked , personal information of 1.13 This week, Nissan Oceania announced that it started notifying the impacted individuals.

Data breaches

Data breaches Identity Theft Financial Services Cybercrime

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. ” Both Mead and Zaidi were fired by Ticketmaster in 2017.

Hacking

Hacking Passwords Accountability Cybercrime

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. Pierluigi Paganini.

Banking

Banking Malware Advertising Passwords

SEC announces sanctions against entities over email account hacking

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability

Accountability Hacking Financial Services Cybersecurity

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

government computers; stolen account login credentials for social media accounts and bank accounts; stolen credit card information; stolen personally identifiable information; illegal drugs; botnets; and computer hacking tools.” ’s National Crime Agency (NCA) in February 2017. SecurityAffairs – hacking, The Real Deal).

Marketing

Marketing Government Hacking Accountability

UK Ad Campaign Seeks to Deter Cybercrime

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Webinars

Trending Sources

This Service Helps Malware Authors Fix Flaws in their Code

Webinars

Cybercrime Statistics in 2019

TA547 targets German organizations with Rhadamanthys malware

DarkGate malware campaign abuses Skype and Teams

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

EnemyBot malware adds new exploits to target CMS servers and Android devices

IcedID malware campaign targets Zoom users

Two PoS Malware used to steal data from more than 167,000 credit cards

Source code of Dharma ransomware now surfacing on public hacking forums

Three North Korean hackers charged for financial and revenge-motivated hacks

TheMoon bot infected 40,000 devices in January and February

TinyNuke banking malware targets French organizations

$10M Is Yours If You Can Get This Guy to Leave Russia

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Lemon_Duck cryptomining malware evolves to target Linux devices

Ransomware attack on Brazil Nuclear Power Facility via Vulnerability

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

US and UK link new Cyclops Blink malware to Russian state hackers?

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Karma Catches Up to Global Phishing Service 16Shop

A Ukrainian man is the third FIN7 member sentenced in the United States

Canada Charges Its “Most Prolific Cybercriminal”

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

New MATA Multi-platform malware framework linked to NK Lazarus APT

Wannacry, the hybrid malware that brought the world to its knees

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware

Tedrade banking malware families target users worldwide

The author of FastPOS PoS malware pleads guilty

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Crooks abuse website contact forms to deliver IcedID malware

North Korea-linked hackers stole $626 million in virtual assets in 2022

Marcus Hutchins pleads guilty to two counts of banking malware creation

SynAck ransomware gang releases master decryption keys for old victims

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

More than 17,000 WordPress websites infected with the Balada Injector in September

Nissan Oceania data breach impacted roughly 100,000 people

Ticketmaster will pay $10 Million fine over hacking a competitor

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

SEC announces sanctions against entities over email account hacking

Meet the Administrators of the RSOCKS Proxy Botnet

British hacker arraigned for running The Real Deal dark web marketplace

Stay Connected