SC Magazine

FEBRUARY 17, 2021

Charges against one of the three were first brought in 2018. The Department of Justice has unsealed an indictment against three members of Lazarus Group for a wide range of financially-motivated hacks against private businesses that authorities said were designed to steal $1.3 Mario Tama/Getty Images).

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Security Affairs

APRIL 19, 2021

Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018.

Cryptocurrency 144

Cryptocurrency Malware Hacking Banking 144

Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency 103

Cryptocurrency Phishing Accountability Passwords 103

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 99

Cryptocurrency Banking Hacking Accountability 99

Security Affairs

MAY 8, 2019

Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. According to SANS handler Renato Marinho, a proof-of-concept (PoC) exploit for CVE-2018-1000861 was released in early March. Pierluigi Paganini.

Malware 87

Malware Cryptocurrency Advertising Internet 87

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The second-stage malware extracts and executes the third-stage binary.

Malware 93

Malware Cryptocurrency Architecture Advertising 93

Security Affairs

DECEMBER 13, 2020

Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. Security researchers from Palo Alto Networks have discovered a new botnet, tracked as PgMiner, that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner.

Hacking 133

Hacking Cryptocurrency Authentication Passwords 133

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. SecurityAffairs – North Korea, hacking).

Malware 118

Malware Advertising Government Cryptocurrency 118

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers.

Cryptocurrency 90

Cryptocurrency Malware Ransomware Cybercrime 90

Security Affairs

SEPTEMBER 19, 2018

The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved. In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017.

IoT 81

IoT Passwords Malware Advertising 81

Security Affairs

JANUARY 9, 2020

In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges.

Cryptocurrency 60

Cryptocurrency Malware Advertising Encryption 60

Malwarebytes

NOVEMBER 24, 2021

When free games lead to Malware. In 2018, Fortnite gamers were targeted by scammers pushing Trojan.Malpack files as Fortnite freebies. Researchers at Cluster25 spotted similar activity , targeting a multitude of interests including how-to guides, cryptocurrency, VPN software, and more. Comments disabled.

Malware 143

Malware Scams Passwords Cryptocurrency 143

Security Affairs

MAY 3, 2024

This second botnet exhibits greater discretion and improved operational security, as the associated malware operates exclusively in memory, leaving no malicious files on the disk. The analysis of memory dumps and command-and-control connections revealed that the botnet is running a variant of the Ngioweb malware.

Phishing 97

Phishing Cryptocurrency Internet Internet 97

Security Affairs

SEPTEMBER 2, 2020

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. ” reads the report. ” concludes ESET.

Cryptocurrency 135

Cryptocurrency Antivirus Malware Advertising 135

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. million in cryptocurrency through this program.

Cryptocurrency 129

Cryptocurrency Cybercrime Media Government 129

Security Affairs

SEPTEMBER 17, 2021

A new malware written in Golang programming language, tracked as Capoae, is targeting WordPress installs and Linux systems. Akamai researchers spotted a new strain of malware written in Golang programming language, dubbed Capoae, that was involved in attacks aimed at WordPress installs and Linux systems. . Pierluigi Paganini.

Malware 88

Malware Cryptocurrency Encryption Hacking 88

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. The Monero cryptocurrency miner uses a worm module (Systemctl.exe) dubbed PsMiner written in the Go language which includes exploit modules used to hack into vulnerable servers.

Malware 78

Malware Cryptocurrency Advertising Passwords 78

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . Researchers from Avast have spotted a strain of cryptocurrency miner, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. ” continues the report.

Antivirus 110

Antivirus Cryptocurrency Malware Software 110

Security Affairs

AUGUST 30, 2020

The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns conducted by North Korea-linked APT groups against two cryptocurrency exchanges. In the second attack, threat actors stole $2.5

Cryptocurrency 116

Cryptocurrency Hacking Advertising Accountability 116

Adam Levin

JULY 8, 2020

Many of these faux-Zoom sites were used to distribute malware under the guise of links to online meetings. Hackers were also quick to pounce on the disruption caused by the 2018 shutdown of the U.S. ” Hacking campaigns exploiting poor domain name security can be more subtle. . All of these can be extinction-level events.

Hacking 130

Hacking Retail Cyber Insurance Authentication 130

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. ” HYDRA. .

Marketing 247

Marketing Energy and Utilities Malware Ransomware 247

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware 88

Malware Cryptocurrency Passwords Internet 88

SiteLock

AUGUST 27, 2021

In fact, website attacks increased 14 percent in Q1 2018 compared to Q4 2017 as cybercriminals set their sights on independent websites and small businesses. The SiteLock Website Security Insider Q1 2018 analyzes data from over 10 million websites to pinpoint the threats website owners need to be aware of.

Small Business 52

Small Business Media Risk Data breaches 52

Security Affairs

MAY 12, 2019

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. The first group tracked as Pacha Group has Chinese origins, it was first detected in September 2018 and is known to deliver the Linux.GreedyAntd miner.

Hacking 65

Hacking Cryptocurrency Advertising Cybercrime 65

Security Affairs

MARCH 19, 2019

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.

Banking 80

Banking Government Passwords Marketing 80

Security Affairs

SEPTEMBER 9, 2018

Researchers from Kaspersky have published a new report on the attacks on ICS systems observed by its products in the first half of 2018. Kaspersky Lab experts have published a new report titled “Threat Landscape for Industrial Automation Systems” report for H1 2018, that includes interesting data related to attacks against the ICS systems.

Internet 53

Internet Internet Advertising Malware 53

CyberSecurity Insiders

APRIL 19, 2023

Trigona was first spotted in October 2022 by MalwareHunterTeam, who analyzed the possibilities and concluded that the malware-spreading gang uses Monero Cryptocurrency from their victims to offer a decryption key in exchange.

Ransomware 96

Ransomware Cryptocurrency Banking Cyber Attacks 96

Security Affairs

MARCH 28, 2019

Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported.

Banking 89

Banking Cryptocurrency Mobile Advertising 89

Security Affairs

MARCH 17, 2022

Microsoft released an open-source tool to secure MikroTik routers and check for indicators of compromise for Trickbot malware infections. Microsoft has released an open-source tool, dubbed RouterOS Scanner, that can be used to secure MikroTik routers and check for indicators of compromise associated with Trickbot malware infections.

Malware 121

Malware DNS Passwords Ransomware 121

Security Affairs

JULY 29, 2018

New Underminer exploit kit delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. “Underminer delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency-mining malware named Hidden Mellifera.” Pierluigi Paganini.

Cryptocurrency 45

Cryptocurrency Advertising Malware Encryption 45

Security Affairs

JUNE 22, 2021

Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Both PurpleFox and DirtyMoe are still active malware and gaining strength.”

DNS 129

DNS Cryptocurrency Internet Internet 129

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

FEBRUARY 17, 2021

The indictment unsealed today charges two North Korean officials, Jon Chang Hyok (31), and Kim Il (27), and expands the charges initially brought against Park Jin- hyok in 2018 by the DoJ. In 2018, the U.S. Department of Justice charged Park over WannaCry and 2014 Sony Pictures Entertainment Hack. sanctions.

Cryptocurrency 74

Cryptocurrency Banking Hacking Ransomware 74

Security Affairs

NOVEMBER 4, 2020

KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. The KPOT Stealer was written in C/C++, it was offered in the cybercrime underground as a Malware-as-a-Service (MaaS).

Ransomware 137

Ransomware Malware Advertising Cybercrime 137

Security Affairs

NOVEMBER 19, 2021

Since 2018, Proofpoint researchers tracked the activity associated with TA406 as three distinct threat actors, namely TA406, TA408 and TA427. TA406 doesn’t usually employ malware in its campaigns, however, researchers tracked two campaigns that were attempting to distribute information-stealer malware. ” reads the report.

Cryptocurrency 86

Cryptocurrency Malware Government Education 86

Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Www backup paths.

Internet 90

Internet Internet Passwords Malware 90

Security Affairs

OCTOBER 18, 2018

Group-IB has estimated that crypto exchanges suffered a total loss of $882 million due to targeted attacks between 2017 and 2018. According to Group-IB experts, at least 14 crypto exchanges were hacked. Some of the exchanges went bankrupt after the hacks, i.e. Bitcurex, YouBit, Bitgrail. rimeCon conference.

Cyber Attacks 86

Cyber Attacks Cryptocurrency Phishing Social Engineering 86