Security Affairs

SEPTEMBER 12, 2020

“There was an uncontrolled resource consumption and out-of-memory (OOM) vulnerability that could have been easily exploited in a denial-of-service (DoS/DDoS) attack against many Bitcoin, Litecoin, Namecoin and Decred nodes by any other network participant.” SecurityAffairs – hacking, invdos). server crash). server crash).

Advertising 100

Advertising Cryptocurrency Engineering DDOS 100

SecureList

NOVEMBER 23, 2021

We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In fact, from January through the end of October, Kaspersky detected more than 2,300 fraudulent global resources aimed at 85,000 potential crypto investors or users who are interested in cryptocurrency mining.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

Krebs on Security

MARCH 22, 2022

years in a Russian penal colony for convincing one of his top affiliates to launch a distributed denial-of-service (DDoS) attack against a competitor that shut down the ticketing system for the state-owned Aeroflot airline. A Google-translated snippet of the hacked ChronoPay Confluence installation. Click to enlarge.

Banking 193

Banking Marketing DDOS Risk 193

Security Affairs

MARCH 21, 2022

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. SecurityAffairs – hacking, botnet). Experts defined DirtyMoe as a complex malware that has been designed as a modular system. Pierluigi Paganini.

Malware 73

Malware Passwords DDOS Internet 73

Security Affairs

MAY 20, 2020

The Ukrainian Secret Service (SSU) has arrested a hacker known as Sanix, who was selling billions of stolen credentials on hacking forums and Telegram channels. Sanix has been active on the cybercrime underground at least since 2018, he focuses in the sale of stolen data from organizations. SecurityAffairs – Sanix, hacking).

Cybercrime 60

Cybercrime Passwords Advertising Hacking 60

SecureList

FEBRUARY 16, 2021

While the resource was down, cryptocurrency newbies were invited to download a copy of Bitcoin Core via a torrenting service. Cybercriminals used the names of well-known APT groups to intimidate victims, demanded ransoms in cryptocurrency, and carried out demonstration attacks to back up their threats.

DDOS 129

DDOS Cryptocurrency Marketing Internet 129

Security Affairs

FEBRUARY 27, 2019

Security researchers at Cisco Talos are warning of a spike in attacks on unsecured Elasticsearch clusters to drop cryptocurrency miners. Experts observed working exploits for the CVE-2018-7600 in Drupal (aka Drupalgeddon2 ) and the CVE-2017-10271 in Oracle WebLogic, and CVE-2018-1273 in Spring Data Commons. Pierluigi Paganini.

Cryptocurrency 83

Cryptocurrency Advertising DDOS Malware 83

Krebs on Security

DECEMBER 20, 2018

The seizure notice appearing on the homepage this week of more than a dozen popular “booter” or “stresser” DDoS-for-hire Web sites. They accept payment via PayPal, Google Wallet, and/or cryptocurrencies, and subscriptions can range in price from just a few dollars to several hundred per month. bullstresser[.]net.

DNS 182

DNS Computers and Electronics Government Internet 182

Security Affairs

SEPTEMBER 29, 2018

. “Unlike the aforementioned IoT botnets, this one tries to be more stealthy and persistent once the device is compromised, and it does not (yet) do the usual stuff a botnet does like DDOS , attacking all the devices connected to the internet, or, of course, mining cryptocurrencies.” pic.twitter.com/BrQzdfMFVB.

IoT 84

IoT Architecture Advertising DDOS 84

Security Affairs

APRIL 28, 2020

The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations. The Linux malware is the well-known “ Shellbot ”, it is a crimetool belonging to the arsenal of a threat actor tracked as the “Outlaw Hacking Group. ”. Introduction. Technical Analysis.

Architecture 101

Architecture Malware Hacking DDOS 101

Security Affairs

AUGUST 8, 2018

DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns). “This C&C server has actually been active since 6 th March 2018 but didn’t attract attention because of the low capacity of the “black” botnet at that time. ” reads the analysis published by Checkpoint security.

Malware 47

Malware DNS Encryption Banking 47

SecureList

OCTOBER 20, 2021

It could be compromised directly or by hacking the account of someone with access to the website management. Cybercriminals also used to hack into servers of organizations to use them as relay servers to throw investigators off the scent and make it harder to trace the main C&C center.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Security Affairs

AUGUST 27, 2020

While security experts have been aware of printer vulnerabilities for quite a while, even previous large-scale attacks on printers like the Stackoverflowin hack in 2017 and the PewDiePie hack in 2018 did not seem to shock the public into securing their networked devices. SecurityAffairs – hacking, printers).

Hacking 144

Hacking IoT Firmware Internet 144

SecureList

MAY 31, 2021

If the victim organization is slow to pay up, even though its files are encrypted and some of its confidential data has been stolen, the attackers additionally threaten to carry out a DDoS attack. In addition to DDoS attacks, it has added spam and calls to clients and partners of the victim company to its toolbox.

Mobile 87

Mobile Adware Ransomware Malware 87

Krebs on Security

DECEMBER 14, 2023

KrebsOnSecurity began revisiting the research into Rescator’s real-life identity in 2018, after the U.S. Unbeknownst to Ika at the time, his Pustota forum also had been completely hacked that week, and a copy of its database shared with this author. Archive.org shows that Hot Spot’s website — myhotspot[.]ru

Cybercrime 225

Cybercrime Accountability Advertising Computers and Electronics 225

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. Roaming Mantis reaches Europe.

Phishing 103

Phishing Spyware Firmware Malware 103

SecureList

NOVEMBER 18, 2022

LockBit themselves attributed the leakage to one of their developers’ personal initiative, not the group’s getting hacked. In particular, researchers found Operation In(ter)ception , a campaign operated by North Korean Lazarus group, which targets macOS users looking for cryptocurrency jobs. Attacks via web resources.

Mobile 83

Mobile Malware Ransomware IoT 83

Security Affairs

OCTOBER 31, 2018

Ahead of the 2018 US midterm elections , sellers are flooding the cybercrime underground markets with data from voter databases. “Thousands of Instagram followers, Facebook likes, YouTube views and Twitter retweets are available for a small amount of cryptocurrency on the dark web. ” continues the report.

Identity Theft 87

Identity Theft Advertising Hacking Cybercrime 87

SecureList

AUGUST 15, 2022

Cybercriminals were spreading malicious documents that exploited CVE-2017-11882 and CVE-2018-0802 , which are the best-known vulnerabilities in the Equation Editor component. For instance, a new APT group Earth Berberoka (GamblingPuppet) that specializes in hacking online casinos, uses malware for Windows, Linux, and macOS.

Mobile 61

Mobile Adware Malware Ransomware 61

SecureList

MAY 27, 2022

million) including denominated in cryptocurrency; $600,000; 500,000 euros; computer equipment, the crypto wallets that were used to perpetrate crimes, and 20 luxury cars that were purchased with illicitly obtained money.” Similar IoT-threat statistics are published in the DDoS report for Q1 2022. Attacks via web resources.

Mobile 96

Mobile Adware Ransomware Malware 96

eSecurity Planet

NOVEMBER 2, 2022

In July 2001, the Code Red Worm attempted to subject the entire Internet to a distributed denial of service (DDoS) attack. Welcome to [link] Hacked By Chinese!”. Eventually, the infected computers were all directed to attempt a DDoS specifically on whitehouse.gov, though the White House managed to sidestep the assault.

Malware 138

Malware Ransomware Antivirus Internet 138

Adam Levin

DECEMBER 27, 2019

With what we experienced in 2016 and 2018, is there any doubt there will be a rise in disinformation–homegrown and imported–of all stripe in the upcoming elections? Cryptocurrency miners will continue to get rich off of stolen electricity. Buckle up, because that driverless car might be hacked along the way.

Cybersecurity 100

Cybersecurity CISO IoT Insurance 100

SecureList

MAY 9, 2024

Based on our telemetry, we pinpointed two victims within the South Korean cryptocurrency sector. Most of them are disguised as cryptocurrency-related programs and capable of downloading an additional payload from the actor-controlled server. This small group, active since 2022, mainly performs hack-and-leak operations.

Malware 119

Malware Government DDOS Cryptocurrency 119