Heimadal Security

NOVEMBER 22, 2022

A Google Chrome browser extension named VenomSoftX is being deployed by Windows malware to steal cryptocurrency and clipboard contents as people browse the web. It also hijacks other internet browsers, including Safari and Firefox. ViperSoftX has been around since 2020. The Chrome extension is a JavaScript-based Trojan.

Cryptocurrency 52

Cryptocurrency Passwords Internet Internet 52

SecureList

MAY 26, 2021

The statistics in this report cover the period from May 2020 to April 2021, inclusive. 70% of Internet user computers in the EU experienced at least one Malware-class attack. Number of EU users attacked by financial malware, May 2020 – April 2021 ( download ). Main figures. Threat geography. Country. %*. Threat geography.

Phishing 131

Phishing Malware Ransomware Adware 131

Malwarebytes

MARCH 1, 2023

Despite a very slim browser market share, Internet Explorer (IE) is still being exploited by exploit kits like the RIG exploit kit (EK). According to Malwarebytes’ Senior Director of Threat Intelligence Jérôme Segura: “RIG EK is probably one of the last exploit kits targeting Internet Explorer still around.

Internet 95

Internet Internet Social Engineering Malware 95

IT Security Guru

APRIL 2, 2021

Cryptocurrencies are a topic that touches many areas; not only finance and investing but technology and even political arenas. Although apolitical in itself, it is the structure behind these cryptocurrencies that make them a much talked about subject amongst political purists from across the political spectrum. Trillion stimulus plan.

Cryptocurrency 71

Cryptocurrency Banking Marketing Malware 71

Malwarebytes

APRIL 26, 2022

Rogue Google ads caused no end of misery for cryptocurrency enthusiasts, costing them roughly $4.31 This is an astonishing slice of cryptocurrency cash to lose for the sake of clicking on something in a search engine. Here’s a mockup: pic.twitter.com/aM9UAbSKtv — Google SearchLiaison (@searchliaison) January 13, 2020.

Cryptocurrency 116

Cryptocurrency Phishing Engineering Mobile 116

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. It just so happened that the year 2020 gave hackers a large number of powerful news topics, with the COVID-19 pandemic as the biggest of these.

Mobile 138

Mobile Malware Adware Banking 138

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Malware infection.

Cryptocurrency 131

Cryptocurrency Malware Accountability Banking 131

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 252

Scams DDOS Cryptocurrency Accountability 252

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. According to the FAQ posted on its site , “ Norton Crypto ” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle.

Cryptocurrency 333

Cryptocurrency Computers and Electronics Antivirus Identity Theft 333

Security Affairs

MAY 4, 2020

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. The two flaws, tracked as CVE-2020-11651 and CVE-2020-11652, are a directory traversal issue and an authentication bypass vulnerability respectively.

Internet 107

Internet Internet Hacking Advertising 107

SecureWorld News

MARCH 22, 2021

The FBI just released its annual Internet Crime Report, and it is truly a sign of the times. The FBI notes that the Internet Crime Complaint Center (IC3) has been key to its mission to track cybercrimes. The IC3 received 791,790 complaints from the American public in 2020, the most ever in one year, with reported losses exceeding $4.1

Cybercrime 54

Cybercrime Scams Banking Accountability 54

Krebs on Security

JANUARY 10, 2024

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies. million cyberheist.

Cryptocurrency 286

Cryptocurrency Government Cybercrime Accountability 286

SecureList

AUGUST 23, 2021

billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. Most of the statistics presented in the report were collected between July 1, 2020 and June 30, 2021. Pandemic-related statistics cover the period of January 2020 through June 2021.

Adware 119

Adware Mobile Phishing Malware 119

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 351

Cryptocurrency Passwords Encryption Accountability 351

Security Affairs

FEBRUARY 2, 2024

. “As part of a detailed study of the cyber threat, a study of the received samples of malicious programs was conducted, the peculiarities of the functioning of the management server infrastructure were established, and more than 2,000 affected computers were identified in the Ukrainian segment of the Internet.”

Malware 94

Malware Internet Internet DDOS 94

SecureWorld News

MARCH 28, 2022

The FBI's Internet Crime Complaint Center (IC3) has released its annual report, providing the public with specific details on how cybercrime has evolved in the last five years, what threats were the most persistent, and what groups were the most targeted, along with a flurry of other information and statistics.

Internet 70

Internet Internet Cybercrime Ransomware 70

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking 278

Hacking Social Engineering Phishing Scams 278

SecureList

AUGUST 10, 2022

In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing campaigns ( PowerPepper was later documented in 2020). Meanwhile, in August 2020, we also released a private report on VileRAT to our threat intelligence customers for the first time.

Cryptocurrency 93

Cryptocurrency Encryption Social Engineering Passwords 93

Krebs on Security

APRIL 11, 2022

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. The ark-x2[.]org The ark-x2[.]org

Scams 201

Scams Cryptocurrency Media Hacking 201

Security Affairs

FEBRUARY 19, 2024

In October 2020, the US Justice Department charged a Ukrainian national, Mark Sokolovsky (28), with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The Raccoon Infostealer operator, Mark Sokolovsky , was extradited to the US from the Netherlands to appear in a US court. in the stolen data.

Identity Theft 90

Identity Theft Cryptocurrency Cybercrime Hacking 90

Security Affairs

JUNE 22, 2021

DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. ” continues the report.

DNS 125

DNS Cryptocurrency Internet Internet 125

Hot for Security

JUNE 28, 2021

According to a newly-published report by the FBI’s Internet Crime Complaint Center (IC3), the elderly are more at risk from falling victim to online fraud and internet scammers than ever before. It’s also worth considering the impact that the global pandemic has had.

Scams 66

Scams Internet Internet Cryptocurrency 66

Security Affairs

MAY 1, 2021

. “To further secure your device, do not expose your NAS to the internet. If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.” The malware was designed to abuse NAS resources and mine cryptocurrency.

Ransomware 109

Ransomware Cryptocurrency Malware Internet 109

SecureList

NOVEMBER 23, 2021

First of all, we are going to analyze the forecasts we made at the end of 2020 and see how accurate they were. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. In addition, bitcoin ended 2020 at around $28,000 and quickly rose to a peak of $40,000 in January 2021.

Cryptocurrency 112

Cryptocurrency Banking Cybercrime Ransomware 112

Malwarebytes

MARCH 19, 2021

Internet crime is ever present, and with the ongoing pandemic, levels of scams and fraud were exceptionally high in 2020. A state-by-state statistical breakdown of these cases were included in an accompanying report, 2020 State Reports, that you can browse through here. billion USD.

Scams 68

Scams Internet Internet Identity Theft 68

SecureWorld News

FEBRUARY 7, 2022

Cyberattacks targeting cryptocurrency exchanges were on a roll in 2021 and have continued into 2022. The panel also said one cybersecurity firm anonymously reported that North Korean "cyber-actors stole a total of $400 million worth of cryptocurrency through seven intrusions into cryptocurrency exchanges and investment firms.".

Cryptocurrency 72

Cryptocurrency Cybercrime Social Engineering Engineering 72

SecureList

FEBRUARY 23, 2022

share in 2020 to the second most common in 2021 with 12.2%. Emotet (9.3%), described by Europol as “the world’s most dangerous malware”, underwent a drop of five percentage points between 2020 and 2021.This The mass change in cybercriminals’ objectives and methods seen in 2020 continued in 2021.

Banking 101

Banking Phishing Cryptocurrency Malware 101

SecureList

SEPTEMBER 8, 2022

Percentage of ICS computers on which malicious objects were blocked, January – June 2020, 2021, and 2022. The main sources of threats to computers in the operational technology infrastructure of organizations are internet (16.5%), removable media (3.5%), and email (7.0%). since 2020. This percentage has been growing since 2020.

Spyware 88

Spyware Cryptocurrency Phishing Ransomware 88

Security Affairs

JANUARY 21, 2021

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. The malware was designed to abuse NAS resources and mine cryptocurrency. “According to analysis, QNAP NAS can become infected when they are connected to the Internet with weak user passwords.”

Cryptocurrency 112

Cryptocurrency Firmware Malware Passwords 112

Malwarebytes

SEPTEMBER 19, 2023

Cryptocurrency investigators use specialized strategies to track down criminals. Although cryptocurrency is anonymous, that doesn't mean it's untraceable. The investigations by the German authorities, which have been ongoing since 2020, led to the international public search for Igor Olegovich Turashev and Igor Garshin in March 2023.

Ransomware 119

Ransomware Backups Cryptocurrency Cybercrime 119

Malwarebytes

MAY 18, 2022

The variant they focused on uses a range of known exploits for vulnerabilities in web apps and databases to install cryptocurrency miners on both Windows and Linux systems. The Sysrv botnet first received attention at the end of 2020 because at the time it was one of the rare malware binaries written in Golang (aka GO). Background.

Cryptocurrency 69

Cryptocurrency IoT Malware DDOS 69

SecureWorld News

FEBRUARY 18, 2021

And the targets in this case are widespread: banks, ATMs, cryptocurrency exchanges, online casinos, movie studios such as Sony Pictures, and theater chains such as AMC. million from an Indonesian cryptocurrency company in September 2018; and $11.8 million from an Indonesian cryptocurrency company in September 2018; and $11.8

Hacking 97

Hacking Cryptocurrency Computers and Electronics Banking 97

Security Boulevard

MAY 23, 2022

We highly recommend organizations to secure internet-facing systems, including timely application of security updates and building credential hygiene,” Microsoft added. At its core a cryptocurrency miner. At its core, Sysrv is a worm and a cryptocurrency miner, Cujo AI, a cyberseucrity company, said in a September 2021 blog.

Cryptocurrency 64

Cryptocurrency Backups Malware Passwords 64

Krebs on Security

MARCH 28, 2021

The group looks for attacks on Exchange systems using a combination of active Internet scans and “honeypots” — systems left vulnerable to attack so that defenders can study what attackers are doing to the devices and how.

Hacking 357

Hacking Cybercrime DNS Antivirus 357

eSecurity Planet

FEBRUARY 19, 2024

Among the vulnerabilities is CVE-2024-21412 , an Internet Shortcut Files flaw that allows an unauthenticated attacker to send a malicious file to a user. It bypasses Internet Shortcut Files’ security measures. The vulnerability, CVE-2020-3259 , was first discovered in May 2020.

VPN 111

VPN DNS Ransomware Software 111

Security Affairs

JANUARY 9, 2023

The crypto-miner Kinsing was first spotted by security firm Aqua Security in April 2020, at the time the experts spotted threat actors scanning the Internet for Docker servers running API ports exposed without a password. The Kinsing malware abuses the resources of the Docker installations to mine cryptocurrency.

Malware 90

Malware Authentication Cryptocurrency Internet 90

CyberSecurity Insiders

FEBRUARY 8, 2021

Later security firm ENKI said that Lazarus could have carried out the latest file encrypting malware attack by exploiting a zero day vulnerability in Internet Explorer browser of Windows operating system. And all the expenses are borne by the Kim Jung UN led nation who steals cryptocurrency to fund its nuclear programs.

Ransomware 134

Ransomware Social Engineering Cryptocurrency Cybercrime 134