Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Below are the job descriptions used to recruit the hackers.

Accountability 126

Accountability Malware Phishing Social Engineering 126

Security Affairs

FEBRUARY 19, 2024

The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. The Raccoon stealer is written in C++ by Russian-speaking developers who initially promoted it exclusively on Russian-speaking hacking forums.

Identity Theft 94

Identity Theft Cryptocurrency Cybercrime Hacking 94

Malwarebytes

MAY 16, 2022

2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs (PUPs). Detections of malware on Windows business machines were 143% higher in 2021 than in 2020, and 65% higher on consumer machines. Windows malware detection totals 2019-2021.

Malware 81

Malware Adware Cryptocurrency Cybercrime 81

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 99

Cryptocurrency Banking Hacking Accountability 99

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Security Affairs

JANUARY 9, 2020

In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges.

Cryptocurrency 60

Cryptocurrency Malware Advertising Encryption 60

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums.

Cybercrime 91

Cybercrime Malware Cryptocurrency Advertising 91

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users of a large e-commerce platform in Latin America with malware tracked as Chaes.

Phishing 116

Phishing Malware Cryptocurrency Information Security 116

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. million in cryptocurrency through this program.

Cryptocurrency 129

Cryptocurrency Cybercrime Media Government 129

Security Affairs

MAY 17, 2020

Organizations managing supercomputers across Europe reported their systems have been compromised to deploy cryptocurrency miners. Crooks have compromised supercomputers across Europe to deploy cryptocurrency miners, incidents have been already reported in the UK, Germany, and Switzerland. SecurityAffairs – supercomputers, hacking).

Hacking 96

Hacking Cryptocurrency Advertising Malware 96

Security Affairs

AUGUST 30, 2020

The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns conducted by North Korea-linked APT groups against two cryptocurrency exchanges. In the second attack, threat actors stole $2.5

Cryptocurrency 117

Cryptocurrency Hacking Advertising Accountability 117

Security Affairs

MAY 2, 2024

Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. ” The co-conspirators demanded ransom payments in cryptocurrency and used cryptocurrency exchangers and mixing services to hide their ill-gotten gains. . Vasinskyi was extradited to the U.S. in March 2022.

Ransomware 89

Ransomware Cryptocurrency Cybercrime Encryption 89

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. SecurityAffairs – hacking, Lemon_Duck).

Malware 138

Malware Authentication Passwords Internet 138

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. ” HYDRA. .

Marketing 247

Marketing Energy and Utilities Malware Ransomware 247

Security Affairs

JUNE 22, 2022

Threat actors are using the Rig Exploit Kit to spread the Dridex banking trojan instead of the Raccoon Stealer malware. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. Pierluigi Paganini.

Banking 86

Banking Cryptocurrency Malware Hacking 86

Security Affairs

FEBRUARY 2, 2021

ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed a new piece of malware, dubbed Kobalos, that was employed in attacks against high-performance computing clusters (HPC). SecurityAffairs – hacking, Intel).

Malware 95

Malware Internet Internet Cryptocurrency 95

Security Affairs

APRIL 1, 2020

Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients).

Cryptocurrency 101

Cryptocurrency Malware Advertising Hacking 101

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan. Coinbase, BitPay, and Coinbase), and banks (i.e.

Malware 89

Malware Banking Mobile Spyware 89

SecureWorld News

JUNE 23, 2022

In the 2019 incident, Thompson used her hacking prowess—and insider knowledge of AWS vulnerability scanning—to steal the personal data of more than 100 million people in the U.S. The hacker, operating under the online alias of "erratic," went on to illegally install malware on unlawfully accessed servers to mine for cryptocurrency.

Cryptocurrency 83

Cryptocurrency Data breaches Hacking Malware 83

Security Affairs

OCTOBER 26, 2022

The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. The Raccoon stealer is written in C++ by Russian-speaking developers that initially promoted it exclusively on Russian-speaking hacking forums.

Identity Theft 81

Identity Theft Cryptocurrency Cyber threats Cybercrime 81

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency 59

Cryptocurrency Risk Marketing Architecture 59

Security Affairs

APRIL 28, 2023

to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year. Google targeted the distributors of the malware who are paid to spread and deliver the malicious code and infect a larger number of systems as possible. ” reads the announcement published by Google.

Malware 91

Malware Cybercrime Cryptocurrency Media 91

Security Affairs

DECEMBER 29, 2023

One of the key significant improvements are support of more software clients (including browser-based cryptocurrency wallets), upgraded credit card (CC) grabber, and additional advanced mechanisms for password storage dump on various platforms to extract credentials and tokens.

Password Management 126

Password Management Cryptocurrency Passwords Authentication 126

Security Affairs

AUGUST 18, 2020

Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities. Pierluigi Paganini.

Cryptocurrency 104

Cryptocurrency Computers and Electronics Cybercrime Digital transformation 104

Security Affairs

JUNE 1, 2019

As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.” “An interesting characteristic of the attack is that it uses a cryptocurrency miner that it is being built from scratch instead of an existing one.”

Hacking 91

Hacking Cryptocurrency Advertising Accountability 91

Security Affairs

JULY 21, 2022

The gang focuses on infecting cloud hosts to deploy cryptocurrency miners by exploiting known vulnerabilities and conducting brute-force attacks. In a recent campaign, the group targeted i686 and x86_64 Linux systems and uses RCE exploits for CVE-2022-26134 (Atlassian Confluence) and CVE-2019-2725 (WebLogic) for initial access.

Cryptocurrency 89

Cryptocurrency Malware Internet Internet 89

Security Affairs

MAY 22, 2022

The PowerShell command installs the NukeSped backdoor on the vulnerable server, this backdoor was first analyzed by Fortinet researchers in 2019 that attributed it to the Lazarus APT. The 2 malware types discovered are both console types, not saving the leak result in separate files. SecurityAffairs – hacking, domain name system).

Cryptocurrency 136

Cryptocurrency Internet Internet Malware 136

Security Affairs

DECEMBER 7, 2021

Taiwanese vendor QNAP warns customers of ongoing attacks targeting their NAS devices with cryptocurrency miners. Taiwanese vendor QNAP warns customers of threat actors targeting their NAS devices with cryptocurrency miners. Install and update Malware Remover to the latest version. SecurityAffairs – hacking, IoT).

Cryptocurrency 99

Cryptocurrency Ransomware Malware Passwords 99

Security Affairs

JANUARY 31, 2021

The Rocke group is using a new piece of cryptojacking malware dubbed Pro-Ocean to target Apache ActiveMQ, Oracle WebLogic, and Redis installs. The cybercrime group Rocke is using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable Apache ActiveMQ, Oracle WebLogic, and Redis intalls.

Malware 84

Malware Cryptocurrency Firewall Cybercrime 84

Security Affairs

JUNE 26, 2020

As a result of the raids on 232 sites, the agents have found weapons, drugs, computers, around 50,000 euros ($56,300) in cash, cryptocurrency, the police also seized 300 terabytes of data. ” Local authorities arrested a 26-year-old man suspected to be the administrator of the forum in May 2019 while he was entering Germany. .

Advertising 127

Advertising Cryptocurrency Malware Hacking 127

Security Affairs

JULY 6, 2020

In the past, the APT targeted banks and cryptocurrency exchanges , according to the experts the overall operations allowed the group to earn $2 billion. “Sansec has found proof of global skimming activity that has multiple, independent links to previously documented, North Korea attributed hacking operations. .

Retail 98

Retail Advertising Malware Cryptocurrency 98

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? ” reads the report p ublished by TrapX.”First,

Manufacturing 123

Manufacturing IoT Malware Cryptocurrency 123

Security Affairs

OCTOBER 13, 2021

Avast researchers reported that since 2019, MyKings operators have amassed at least $24 million in the Bitcoin, Ethereum, and Dogecoin. However, experts pointed out that the botnet uses more than 20 cryptocurrencies in total, for this reason the total financial gains could be greater than $24M. Pierluigi Paganini.

Cryptocurrency 102

Cryptocurrency Encryption Malware Hacking 102

Security Affairs

MARCH 21, 2022

Experts defined DirtyMoe as a complex malware that has been designed as a modular system. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The malware implements six methods to generate IPs with the help of a pseudo-random generator.

Malware 73

Malware Passwords DDOS Internet 73

Security Affairs

NOVEMBER 15, 2023

The IPStorm botnet was first uncovered in May 2019 while targeting Windows systems, not experts from Intezer reported that the bot evolved to infect other platforms, including Android, Linux, and Mac devices. reads the Intezer’s report. ” reads the press release published by DoJ. and proxx.net.” and proxx.net.”

Hacking 91

Hacking Cryptocurrency Cyber Attacks Advertising 91

Security Affairs

SEPTEMBER 3, 2022

Google rolled out emergency fixes to address actively exploited Chrome zero-day Samsung discloses a second data breach this year The Prynt Stealer malware contains a secret backdoor. SecurityAffairs – hacking, newsletter). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches 65

Data breaches Malware Surveillance Ransomware 65

Security Affairs

SEPTEMBER 17, 2020

US Department of Justice announced indictments against 5 Chinese nationals alleged members of a state-sponsored hacking group known as APT41. The attacks also aimed at carrying out other criminal activities, such as the deployment of ransomware and cryptocurrency malware. SecurityAffairs – hacking, APT41 ).

Identity Theft 100

Identity Theft Advertising Government Technology 100