Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. Almost each of the scripts contained in the phishing kit had its creator’s nickname, Dr HeX, and contact email address.

Cybercrime 95

Cybercrime Phishing Banking Telecommunications 95

Malwarebytes

JUNE 8, 2021

Sometimes, it’s used even if an attack being discussed is a basic phish, or maybe some very generic malware. This isn’t a good thing when tackling malware developments. ” Have you ever stopped to consider “what, exactly, are we up against” when dealing with malware? “How bad is it, really?”

Cybercrime 107

Cybercrime Malware Banking Phishing 107

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. Nation-state hacking reduced the use of complex malware and appears to go towards low profile social engineering attacks.

Cyber threats 82

Cyber threats IoT Social Engineering Advertising 82

Security Affairs

MARCH 14, 2024

“The phishing campaign employed open redirect URLs from Google Ad technologies to distribute fake Microsoft software installers (.MSI) “The fake installers contained a sideloaded DLL file that decrypted and infected users with a DarkGate malware payload.” MSI) installers. In mid-February, U.S.

Phishing 104

Phishing Malware Software Internet 104

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Client-side attacks on the wane.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. In the background, the malware disables Windows Defender, EDR, and antivirus tools before dropping the ransomware payload. ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime 95

Cybercrime Ransomware Antivirus Malware 95

Security Affairs

NOVEMBER 9, 2022

Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads.

Malware 89

Malware Ransomware Cybercrime Phishing 89

Security Affairs

MAY 3, 2024

The threat actors used the botnet harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. This second botnet exhibits greater discretion and improved operational security, as the associated malware operates exclusively in memory, leaving no malicious files on the disk.

Phishing 96

Phishing Cryptocurrency Internet Internet 96

Security Affairs

JANUARY 2, 2020

Crooks are exploiting the popularity of the Star Wars saga to monetize their efforts, experts warn of online streaming sites delivering malware. Cybercriminals leverage popular movies like Star Wars to lure users into downloading malware to watch exclusive scenes or the full movie. Pierluigi Paganini.

Phishing 80

Phishing Malware Advertising Media 80

SiteLock

AUGUST 27, 2021

This is the reality for many website owners, and now more than ever, they need to be on alert for cyberattacks in 2018. In Q3 2017, SiteLock discovered alarming cybercrime trends that will likely affect websites for months to come. In Q2 2017, backdoors accounted for 23 percent of malware files. Phishing Kits.

Malware 52

Malware Engineering Phishing Accountability 52

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules.

Banking 103

Banking Malware Phishing Advertising 103

Krebs on Security

JULY 20, 2021

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov , a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Severa was a moderator on the Russian spam community Spamdot[.]biz.

Antivirus 297

Antivirus Cybercrime Identity Theft Scams 297

Malwarebytes

DECEMBER 5, 2022

In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. In October 2022, Lazarus Group started using a malicious Microsoft Office document to deliver the AppleJeus malware. Second wave.

Cryptocurrency 76

Cryptocurrency Malware Scams Cybercrime 76

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. In 2018 the direct financial losses from these attacks amounted to almost $20 million. Attacks on Crypto.

Cybercrime 83

Cybercrime Hacking Banking Phishing 83

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. Additionally, a new spying team named Archipelago, a subset of APT43, has emerged and is using phishing tactics to tar-get potential victims.

Hacking 105

Hacking Social Engineering Cryptocurrency Manufacturing 105

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 64

Artificial Intelligence Government Banking Advertising 64

SecureList

FEBRUARY 23, 2022

SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4% Emotet (9.3%), described by Europol as “the world’s most dangerous malware”, underwent a drop of five percentage points between 2020 and 2021.This

Banking 94

Banking Phishing Cryptocurrency Malware 94

Threatpost

MARCH 20, 2019

Despite the 2018 crackdown on Fin7, the cybercrime group has been ramping up its efforts with two new malware samples and an attack panel.

Malware 50

Malware Cybercrime Banking Phishing 50

Security Affairs

OCTOBER 23, 2018

The latest version of the Azorult was delivered through the RIG exploit kit as well as other sources, previous variants were mainly distributed via weaponized Office documents as attachment of phishing messages. Later it was involved in many malspam attacks, but only in July 2018, the authors released a substantially updated variant.

Marketing 78

Marketing Cybercrime Cryptocurrency Advertising 78

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak was involved in FIN7 criminal activities from approximately November 2016 through November 2018.

Cybercrime 106

Cybercrime Hacking Software Phishing 106

Security Affairs

OCTOBER 18, 2020

Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK. ” The attack chain starts when the victims enable the macro embedded in an Excel spreadsheet that came with the phishing e-mails. . ” reads the analysis published by FireEye.

Ransomware 132

Ransomware Malware Telecommunications Advertising 132

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software 239

Software Phishing Cybercrime Accountability 239

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. Since 2018, attackers have employed very sophisticated techniques in their attacks. Pierluigi Paganini.

Malware 83

Malware Banking Social Engineering Retail 83

SecureList

MARCH 29, 2023

However, traditional financial threats – such as banking malware and financial phishing, continue to take up a significant share of such financially-motivated cyberattacks. For instance, malicious spam campaigns targeting organizations grew 10-fold in April 2022, spreading Qbot and Emotet malware.

Banking 71

Banking Phishing Cryptocurrency Mobile 71

SC Magazine

FEBRUARY 17, 2021

Charges against one of the three were first brought in 2018. Park was already charged in 2018 for the WannaCry attacks, and the indictment expands charges against him for other hacking campaigns. The advisory contains technical analysis as well as indicators of compromise that security teams can use to detect the malware.

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Security Affairs

JUNE 24, 2020

The CryptoCore group, aks Crypto-gang, “Dangerous Password”, and “Leery Turtle” has been active since 2018. “While the group’s key infiltration vector to the exchange is usually through spear-phishing against the corporate network, the executives’ personal email accounts are the first to be targeted.”

Cryptocurrency 102

Cryptocurrency Phishing Accountability Passwords 102

Malwarebytes

APRIL 19, 2022

These days, financial cybercrimes often involve Bitcoin and other cryptocurrencies. Since 2018, one of the Lazarus Group’s tactics has been to disguse AppleJeus malware as cryptocurrency trading platforms for both Windows and Mac. Use endpoint protection to detect exploits and stop malware. Spearphishing campaigns.

Social Engineering 115

Social Engineering Cryptocurrency Computers and Electronics Engineering 115

Security Affairs

FEBRUARY 8, 2022

The Roaming Mantis SMS phishing campaign is now targeting Android and iPhone users in Europe with malicious apps and phishing pages. Roaming Mantis surfaced in March 2018 when hacked routers in Japan redirecting users to compromised websites. ” concludes Kaspersky.

Phishing 86

Phishing DNS Malware Hacking 86

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. RaaS rollout 2015 – 2018. Targeting enterprises Late 2018 – present day.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

SiteLock

AUGUST 27, 2021

What is malware? The first real instance of malware occurred in the early 1970s — when BBN Technologies engineer Bob Thomas wrote the code behind the so-called “ Creeper worm.” Malware originally targeted computers themselves: logging keystrokes, stealing data, and spreading to other machines whenever possible. As many as 17.6

Small Business 52

Small Business Malware Data breaches Insurance 52

Security Affairs

SEPTEMBER 4, 2021

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. The attack chain began with a Microsoft Word document (.doc)

Cybercrime 116

Cybercrime Retail Phishing Hacking 116

Security Affairs

JANUARY 28, 2023

The recent Hive infrastructure takedown as well as other major gangs dissolution such as Conti in 2022, is making room in the cybercrime business The Lockbit locker leaked a few months ago in the underground, is increasing its popularity and adoption among micro-criminal actors.

Penetration Testing 89

Penetration Testing Ransomware Firewall Social Engineering 89

Cisco Security

AUGUST 12, 2021

For several years, Cisco Secure provided DNS visibility and architecture intelligence with Cisco Umbrella and Cisco Umbrella Investigate ; and automated malware analysis and threat intelligence with Cisco Secure Malware Analytics (Threat Grid) , backed by Cisco Talos Intelligence and Cisco SecureX. CyberCrime Tracker.

DNS 144

DNS Firewall Phishing Mobile 144

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. The figure that most of all capture our attention is that victims of cybercrime activities lost $3.5 SecurityAffairs – IC3, cybercrime). Billion in 2019. million. .

Internet 110

Internet Internet Scams Cybercrime 110

Malwarebytes

APRIL 20, 2021

In 2018 three high-ranking members of a sophisticated international cybercrime group operating out of Eastern Europe were arrested and taken into custody by US authorities. The Carbanak campaign first made international headlines in 2015 as one of the first malware campaigns that specialized in remote ATM robberies. The malware.

System Administration 82

System Administration Banking Malware Penetration Testing 82

Security Affairs

JANUARY 13, 2019

Proofpoint analyzed two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang.

Malware 91

Malware DNS Financial Services Retail 91

SiteLock

AUGUST 27, 2021

If you’ve ever visited a website only to be greeted by a red screen warning you about a malware infection , you’ve found a blacklisted site. Search engines do their part to protect users everywhere from malware and cybercrime through a process known as “blacklisting.” What is malware? What is blacklisting?

Malware 98

Malware Engineering Phishing Cybercrime 98