SecureList

NOVEMBER 1, 2022

Since the malware in this incident was compiled on April 15, 2021, and compilation dates are the same for all known samples, this incident is likely to be the first involving Maui ransomware. This report included technical details of malware used in the campaign, such as Ecipekac, SodaMaster, P8RAT, FYAnti and QuasarRAT.

Malware 138

Malware Ransomware Spyware Encryption 138

SecureList

AUGUST 30, 2023

Both infection methods resulted in the same malware (the DeathNote downloader), which uploaded the target’s information and retrieved the next-stage payload at the discretion of the C2 (Command and Control) server. It’s thought that the malware was spread through a vulnerability in the software.

Malware 72

Malware Spyware Cryptocurrency Government 72

Security Affairs

APRIL 8, 2019

This data comes not only from the analysis of underground forums and phishing websites, but also from the analysis of cybercriminals’ infrastructure (including but not limited to C&Cs) and malware disassembling. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 63

Artificial Intelligence Government Banking Advertising 63

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. Let’s start by looking at the predictions we made for 2021.

Mobile 127

Mobile Surveillance Ransomware Government 127

Security Affairs

MARCH 19, 2019

New malware in gang’s arsenal. In January 2019, Group-IB specialists obtained information about previously unknown malware sample used in this attack, dubbed by Group-IB RATv3.ps The malware spreader as part of this campaign was primarily aimed at collecting information from the victim’s computer according to various commands.

Banking 79

Banking Government Passwords Marketing 79

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM).

Spyware 103

Spyware Malware Cybercrime Hacking 103

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers.

Cybercrime 183

Cybercrime Phishing Banking Malware 183

SecureList

JULY 27, 2023

The most remarkable findings Early in June, we issued an early warning of a long-standing campaign that we track under the name Operation Triangulation , involving a previously unknown iOS malware platform distributed via zero-click iMessage exploits. Kaspersky employees were also affected by this threat.

Malware 82

Malware Government Phishing Social Engineering 82

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi. webshells and Exaramel implants.

Malware 137

Malware Spyware Government Social Engineering 137

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw. Cryptomining Campaign involves Golang malware to target Linux servers. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH).

Scams 48

Scams Spyware DNS Advertising 48

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 96

Cybercrime Spyware Data breaches Antivirus 96

SecureList

OCTOBER 26, 2021

Following this, they were tricked into downloading previously unknown malware. The backdoor, dubbed Tomiris, bears a number of similarities to the second-stage malware, Sunshuttle (aka GoldMax), used by DarkHalo last year. ShadowPad is a highly sophisticated, modular cyberattack platform that APT groups have used since 2017.

Malware 139

Malware Government Surveillance Spyware 139

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135