Security Affairs

APRIL 19, 2021

Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018.

Cryptocurrency 144

Cryptocurrency Malware Hacking Banking 144

Security Affairs

SEPTEMBER 2, 2020

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. ” reads the report. ” concludes ESET.

Cryptocurrency 134

Cryptocurrency Antivirus Malware Advertising 134

CyberSecurity Insiders

JANUARY 26, 2022

In November 2021, AT&T Alien Labs™ first published research on our discovery of new malware written in the open-source programming language Golang. The team named this malware “BotenaGo.” Key takeaways: BotenaGo malware source code is now available to any malicious hacker or malware developer.

Malware 81

Malware IoT Authentication Antivirus 81

Security Affairs

OCTOBER 30, 2018

Windows Defender, the Windows built-in anti-malware tool, implemented the ability to run in a secure sandbox mode. Since antivirus and anti-malware tools run with the highest level of privileges to scan all parts of a computer for malicious code, it has become a desired target for attackers. Wow, this is amazing.

Antivirus 79

Antivirus Advertising Malware Software 79

Security Affairs

MARCH 28, 2019

The discovery was made by experts at Kaspersky Lab, the campaign has been ongoing since at least November 2018, Kaspersky Lab reports. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated.

Cryptocurrency 87

Cryptocurrency Malware Advertising Antivirus 87

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 194

Advertising Antivirus Software Malware 194

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. SecurityAffairs – hacking, Fortinet VPN).

VPN 95

VPN Ransomware Antivirus Firmware 95

Security Affairs

SEPTEMBER 22, 2018

The Latvian expert Ruslans Bondars (37), who developed and run the counter antivirus service Scan4You has been sentenced to 14 years in prison. Scan4you is a VirusTotal like online multi-engine antivirus scanning service that could be used by vxers to test evasion abilities of their malware against the major antiviruses.

Malware 90

Malware Antivirus Retail Advertising 90

Security Affairs

OCTOBER 11, 2018

ESET researchers have spotted a new strain of malware tracked as Exaramel that links the dreaded not Petya wiper to the Industroyer ICS malware. A few months ago, researchers from ESET discovered a new piece of malware that further demonstrates the existence of a link between Industroyer and the NotPetya wiper.

Malware 87

Malware Passwords Advertising Antivirus 87

Security Affairs

APRIL 11, 2019

Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with malware. The hackers already compromised the official website of VSDC in the past, in previous attacks they hijacked the download links to deliver malware to the victims. SecurityAffairs – hacking, VSDC).

Software 68

Software Hacking Banking Malware 68

Security Affairs

JUNE 22, 2021

Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Both PurpleFox and DirtyMoe are still active malware and gaining strength.”

DNS 126

DNS Cryptocurrency Internet Internet 126

Security Affairs

APRIL 30, 2021

The weaponized RTF documents generated with the exploit builder are able to trigger the CVE-2017-11882 , CVE-2018-0798 , CVE-2018-0802 vulnerabilities in Microsoft’s Equation Editor. SecurityAffairs – hacking, Russian defense contractor). ” reads the analysis published by Cybereason. Pierluigi Paganini.

Phishing 129

Phishing Malware Antivirus Encryption 129

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2018-10088 XiongMai uc-httpd 1.0.0 BotenaGo was written in Golang (Go) and at the time of the report published by the experts, it had a low antivirus (AV) detection rate (6/62). Beta, R6400 before 1.0.1.18.Beta,

IoT 121

IoT Firmware Malware Wireless 121

Security Affairs

AUGUST 3, 2020

He allegedly subscribed the GandCrab ransomware-as-a-service to create his own version of the malware and spread it running a spam campaign. The GandCrab ransomware-as-a-service first emerged from Russian crime underground in early 2018. SecurityAffairs – hacking, malware). reads the translation of the ad.

Ransomware 116

Ransomware Advertising Malware Hacking 116

Security Affairs

FEBRUARY 1, 2019

Security experts at Cybaze – Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”. Figure 3 – Piece of VBS script that starts malware infection. DLL Analysis.

Malware 84

Malware DNS Social Engineering Advertising 84

Security Affairs

NOVEMBER 3, 2022

Sentinel Labs found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7. It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. SecurityAffairs – hacking, FIN7). Pierluigi Paganini.

Cybercrime 94

Cybercrime Ransomware Antivirus Malware 94

Krebs on Security

SEPTEMBER 30, 2023

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running. Details after contacting on jabber: truniger@xmpp[.]jp.”

Ransomware 215

Ransomware Accountability Cybercrime Backups 215

CyberSecurity Insiders

JANUARY 6, 2023

First launched in 2004 and updated most recently in 2018, the PCI Data Security (PCI DSS) standard is continually updated to reflect the evolving challenges of the cyberthreat landscape. Requirement 5: It is no longer sufficient to just have standard antivirus software. The current version, PCI DSS v3.2.1,

Antivirus 138

Antivirus Retail Software Accountability 138

Krebs on Security

JULY 18, 2022

re network uses at least two free VPN services to lure its users to install a malware-like software that achieves persistence on the user’s computer,” the researchers wrote. These two software are currently unknown to most if not all antivirus companies.” “The 911[.]re ” A depiction of the Proxygate service.

VPN 300

VPN Computers and Electronics Antivirus Software 300

Krebs on Security

JULY 28, 2022

” Microleaves has long been classified by antivirus companies as adware or as a “potentially unwanted program” (PUP), the euphemism that antivirus companies use to describe executable files that get installed with ambiguous consent at best, and are often part of a bundle of software tied to some “free” download.

Advertising 213

Advertising Software Computers and Electronics Internet 213

Security Affairs

APRIL 17, 2019

A new variant of the HawkEye data stealer emerges in the threat landscape as part of ongoing malware distribution campaigns. New malware campaigns leveraging a new variant of the HawkEye data stealer have been observed by experts at Talos. has been under active development since at least 2013. ” continues the analysis. .

Antivirus 82

Antivirus Malware Advertising Passwords 82

Security Affairs

FEBRUARY 7, 2020

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Ransomware operators leverage a custom antivirus killing p ackage that is delivered to workstations to disable security solution before starting encryption. . Pierluigi Paganini.

Software 120

Software Ransomware Antivirus Encryption 120

Security Affairs

OCTOBER 17, 2018

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. Using an encrypted payload is quite a common way to evade Antivirus, since the encrypted payload changes depending on the used key. Stage1: Encrypted Content. But what is the key?

Malware 86

Malware Computers and Electronics Encryption Penetration Testing 86

The Last Watchdog

JANUARY 28, 2019

And the malware that subsequently gets installed continues to get more stealthy and capable with each advancing iteration. Researchers recently flushed out a new variety of the Xbash family of malware tuned to seek out administrators’ rights and take control of Linux servers. Apps from other sources can carry malware or spyware.

Passwords 196

Passwords Password Management Antivirus Internet 196

Malwarebytes

MARCH 17, 2021

But over the last few years, credible threats, exploits, and hacks of Apple products have become more persistent. Several effective Mac-facing miners joined the crypto-rush in 2018. ThiefQuest , a Mac malware masquerading as ransomware, was discovered in mid-2020. No matter the malware. Securing themselves in the foot.

Malware 96

Malware Adware Software Passwords 96

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The second half of 2018 saw a drop in the number of malicious programs downloaded via browsers reaching its minimum at less than 5%, while in the first half of 2019 only every 19 th download was initiated via means other than email.

Ransomware 70

Ransomware Antivirus Malware Banking 70

Malwarebytes

NOVEMBER 30, 2023

ScamClub is a threat actor who’s been involved in malvertising activities since 2018. To be clear, AP, ESPN, CBS and other sites were not hacked, but rather showed malicious ads. This is in part because we hunt for Windows malware and the occasional Mac ones too. azureedge[.]net/oc.js azureedge[.]net/lz.js azureedge[.]net/pt.js

Mobile 128

Mobile Scams Antivirus Malware 128

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. 231 banking malware.

Mobile 85

Mobile Advertising Malware Cybercrime 85

Security Affairs

MARCH 19, 2019

rar) spread by #WinRAR exploit ( #CVE -2018-20250). The vulnerability, tracked as CVE-2018-20250, was discovered by experts at Check Point in February, it could allow an attacker to gain control of the target system. At the moment of writing, 29 antivirus engines detect JNEC.a a ransomware , hacking ). The post New JNEC.a

Ransomware 70

Ransomware Antivirus Encryption Advertising 70

Security Affairs

JULY 10, 2020

Evilnum threat actor was first spotted in 2018 while using the homonym malware. Over the years, the group added new tools to its arsenal, including custom and homemade malware along with software purchased from the Golden Chickens malware-as-a-service (MaaS) provider. SecurityAffairs – hacking, Evilnum).

eCommerce 97

eCommerce Advertising Malware Spyware 97

Security Affairs

APRIL 4, 2020

The attack described by Microsoft begun with a phishing message that was opened by an internal employee, the malware infected its systems and made lateral movements infected other systems in the same network. The virus halted core services by saturating the CPU usage on Windows devices. ” reads the Microsoft DART announcement.

Antivirus 114

Antivirus Malware Phishing Advertising 114

Security Affairs

JULY 9, 2019

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan. SecurityAffairs – hacking, Astaroth Trojan).

Antivirus 72

Antivirus Malware Advertising Security Intelligence 72

Security Affairs

AUGUST 20, 2018

The popular malware researchers Marco Ramilli has analyzed a malware that remained under the radar for more than two years. During the analysis time, only really few Antivirus (6 out of 60) were able to “detect” the sample. AntiVirus Coverage. Resource (a.k.a package in where it will be contextualized).

Engineering 62

Engineering Malware Computers and Electronics Penetration Testing 62

Security Affairs

MARCH 8, 2019

Malware researchers from Trend Micro have spotted a new piece of malware dubbed SLUB that leverages GitHub and Slack for C&C communications. Malware researchers at Trend Micro have spotted a new backdoor dubbed SLUB that abuse GitHub and Slack for command and control (C&C) communications. ” concludes the experts.

Malware 82

Malware Advertising Antivirus Engineering 82

Security Affairs

MAY 27, 2019

Security researchers are monitoring a new hacking campaign aimed at Joomla and WordPress websites, attackers used.htaccess injector for malicious redirect. The website was used by attackers to redirect traffic to advertising sites that attempted to deliver malware. htaccess, hacking). htaccess code injection. Pierluigi Paganini.

Advertising 76

Advertising Malware Antivirus Software 76

Security Affairs

OCTOBER 12, 2019

FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. In March, the group carried out attacks delivering a previously unseen malware tracked as SQLRat that drops files and executes SQL scripts on the host.

Identity Theft 75

Identity Theft Hacking Advertising DNS 75

Security Affairs

DECEMBER 29, 2019

In August 2018, three members of the notorious cybercrime gang have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. SecurityAffairs – FIN7, malware). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime 60

Cybercrime Antivirus Identity Theft Advertising 60