2018, Accountability, Cryptocurrency and DNS

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

Security Affairs

JUNE 4, 2020

Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. NS ???????????? awsdns-61[.]org

Accountability

Accountability Phishing DNS Cryptocurrency

The BlueNoroff cryptocurrency hunt is still on

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income.

Cryptocurrency

Cryptocurrency Malware Accountability Banking

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The hackers were able to change the Domain Name System (DNS) records for the transaction brokering site escrow.com so that it pointed to an address in Malaysia that was host to just a few other domains, including the then brand-new phishing domain servicenow-godaddy[.]com.

Hacking

Hacking Social Engineering Phishing Scams

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Who’s Behind the Screencam Extortion Scam?

Krebs on Security

AUGUST 25, 2018

On August 7, 2018, a user on the forum of free email service hMailServer posted a copy of the sextortion email he received, noting that it included a password he’d formerly used online. All of those two-name domains used domain name servers (DNS servers) from uscourtsgov-dot-com at the time these emails were sent.

Scams

Scams Internet Internet Passwords

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

JANUARY 13, 2019

“In November 2018, TA505 , a prolific actor that has been at the forefront of this trend, began distributing a new backdoor we named “ServHelper”. “On December 13, 2018, we observed another large ServHelper “downloader” campaign targeting retail and financial services customers.” DOC , PUB, and. WIZ documents.

Malware

Malware DNS Financial Services Retail

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Adam Levin

JULY 8, 2020

Hackers were also quick to pounce on the disruption caused by the 2018 shutdown of the U.S. A recent domain hijack of Japanese cryptocurrency exchange Coincheck.com was used to spoof the company in a spear-phishing campaign. Many of these faux-Zoom sites were used to distribute malware under the guise of links to online meetings.

Hacking

Hacking Retail Cyber Insurance Authentication

StripedFly: Perennially flying under the radar

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. During that time, it had effectively evaded analysis and had previously been misclassified as a cryptocurrency miner.

Malware

Malware DNS Encryption Cryptocurrency

IT threat evolution in Q2 2023

SecureList

AUGUST 30, 2023

While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus. The threat actor specifically targeted cryptocurrency companies. We observed that they have a specific interest in cryptocurrency companies.

Malware

Malware Spyware Cryptocurrency Government

IT threat evolution Q3 2023

SecureList

DECEMBER 1, 2023

This included all contacts, sent and received messages with attached files, names of chats/channels, name and phone number of the account owner – the target’s entire correspondence. Upon startup, this backdoor makes a type A DNS request for the <hex-encoded 20-byte string> u.fdmpkg[.]org org domain.

Malware

Malware Ransomware Encryption Energy and Utilities

The State of Blockchain Applications in Cybersecurity

eSecurity Planet

JULY 28, 2021

Since blockchain’s arrival, cryptocurrency has framed the technology as permissionless, or a public blockchain. Going back to RSA 2018’s Cryptographers’ Panel , it was the ‘S’ in RSA, Adi Samir, who said blockchain could address threats presented by quantum computing. More robust security for Domain Name Systems (DNS).

Cybersecurity

Cybersecurity Cryptocurrency Technology Energy and Utilities

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. Roaming Mantis reaches Europe.

Phishing

Phishing Spyware Firmware Malware

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. While the resource was down, cryptocurrency newbies were invited to download a copy of Bitcoin Core via a torrenting service.

DDOS

DDOS Cryptocurrency Marketing Internet

IT threat evolution in Q3 2022. Non-mobile statistics

SecureList

NOVEMBER 18, 2022

Attempts to run malware for stealing money from online bank accounts were stopped on the computers of 99,989 unique users. The former threatened files accessible from the internet over SMB protocol and protected by a weak account password. Web Anti-Virus recognized 251,288,987 unique URLs as malicious. Local threats.

Mobile

Mobile Malware Ransomware IoT

NullMixer: oodles of Trojans in a single dropper

SecureList

SEPTEMBER 26, 2022

RedLine’s main purpose is to steal credentials and information from browsers, in addition to stealing credit card details and cryptocurrency wallets from the compromised machine. After retrieving this information, the malware attempts to extract additional information like access tokens, account IDs, etc. ColdStealer.

Malware

Malware Cryptocurrency Passwords Software

Cyber Security Informer

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

The BlueNoroff cryptocurrency hunt is still on

Webinars

Trending Sources

When Low-Tech Hacks Cause High-Impact Breaches

Webinars

Who’s Behind the Screencam Extortion Scam?

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

StripedFly: Perennially flying under the radar

IT threat evolution in Q2 2023

IT threat evolution Q3 2023

The State of Blockchain Applications in Cybersecurity

IT threat evolution Q1 2022

DDoS attacks in Q4 2020

IT threat evolution in Q3 2022. Non-mobile statistics

NullMixer: oodles of Trojans in a single dropper

Stay Connected