Security Affairs

MAY 13, 2025

He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. “He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands.” million euros.”

Ransomware 107

Ransomware Cybercrime Malware Banking 107

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 140

Cybercrime Ransomware DDOS Encryption 140

Krebs on Security

FEBRUARY 17, 2021

million in a 2018 ATM cash out scheme targeting a Pakistani bank; and a total of $112 million in virtual currencies stolen between 2017 and 2020 from cryptocurrency companies in Slovenia, Indonesia and New York. In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed.

Cryptocurrency 344

Cryptocurrency Financial Services Banking Government 344

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. “It picked up steam in mid-2020, growing the average ransom to $65,000 last year, up from $18,800 in 2019.” ” Image: Chainalysis.

Ransomware 349

Ransomware Cybercrime Antivirus Encryption 349

Security Affairs

MAY 5, 2021

A new cybercrime gang, tracked as UNC2529 , has targeted many organizations in the US and other countries using new sophisticated malware. A new financially motivated threat actor, tracked by FireEye Experts as UNC2529, has targeted many organizations in the United States and other countries using several new pieces of malware.

Cybercrime 135

Cybercrime Malware Manufacturing Retail 135

Krebs on Security

MARCH 20, 2020

This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai , a malware strain that targets vulnerable Internet of Things (IoT) devices for use in large-scale attacks and as proxies for other cybercrime activity. A joint advisory on CVE-2020-9054 from the U.S.

IoT 301

IoT DDOS VPN Firewall 301

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. billion in 2020. Image: Abnormal Security. Image: FBI. For example, the Lockbit 2.0

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Security Affairs

MARCH 26, 2025

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. The malware maintains persistence via a.plist file.

Malware 71

Malware Adware Antivirus Marketing 71

Security Boulevard

NOVEMBER 16, 2021

Ethical hackers proved their worth over the 14 months that the pandemic ravaged economies and organizations were at their most vulnerable, preventing $27 billion in cybercrime during the time when flaws threatened to overwhelm security teams worldwide. During the period from May 1, 2020 to August 31, 2021, eight in 10 ethical hackers found a.

Cybercrime 134

Cybercrime Penetration Testing Security Awareness Risk 134

Krebs on Security

DECEMBER 16, 2020

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.

Hacking 362

Hacking Malware Software Cybercrime 362

SecureList

SEPTEMBER 13, 2021

The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020. We deliver a range of services to help organizations when they are in need: incident response, digital forensics and malware analysis. Geography of incident responses by region, 2020.

Social Engineering 145

Social Engineering Healthcare Ransomware Government 145

Krebs on Security

OCTOBER 8, 2020

But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained. THE DOCTOR IS IN. ” WHO IS DR. SAMUIL?

Cybercrime 353

Cybercrime Malware Ransomware VPN 353

Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. The UNC2447 gang targeted organizations in Europe and North America using a broad range of malware over the past months. ” reads the analysis published by FireEye.

Cybercrime 142

Cybercrime Ransomware Malware Mobile 142

Security Affairs

NOVEMBER 5, 2024

UNC5537 is systematically compromising Snowflake customer instances using stolen customer credentials, advertising victim data for sale on cybercrime forums, and attempting to extort many of the victims.” ” UNC5537 used stolen credentials obtained via infostealer malware.

Unstructured Data 121

Unstructured Data Media Cybercrime Hacking 121

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. “web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers.

Hacking 363

Hacking Cybercrime DNS Antivirus 363

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. 22, 2020, the U.S. On Sunday, Feb.

Ransomware 303

Ransomware Healthcare Cybercrime Government 303

Security Affairs

APRIL 30, 2025

Their campaigns involve multi-phase intrusions, initial access, privilege escalation, and data exfiltration, using modular malware, LOTL techniques, and evasive C2 infrastructure. The APT group uses RomCom malware in multi-stage attacks. Tools like WinRAR and Plink are deployed, with data exfiltrated from c:userspublicmusic.

Encryption 101

Encryption Ransomware Malware Phishing 101

SecureList

AUGUST 23, 2021

billion USD in 2021, which is slightly less than the total revenue in 2020 but still significantly above the pre-pandemic figures. We examined malware and unwanted software disguised as popular PC and mobile games. We also looked in greater detail at some of the strains of malware being distributed and the dangers they pose for users.

Adware 140

Adware Mobile Malware Phishing 140

Krebs on Security

JANUARY 28, 2022

“ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. One concern about more malware shifting to Rust is that it is considered a much more secure programming language compared to C and C++, writes Catalin Cimpanu for The Record.

Ransomware 338

Ransomware Accountability Cybercrime Malware 338

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 250

Hacking Cybercrime Ransomware Government 250

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Client-side attacks on the wane.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

SecureList

FEBRUARY 16, 2021

In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. Overall, Q4 remained within the parameters of 2020 trends. Extortionists’ activity regularly made the news throughout 2020. This trend continued in the last months of 2020.

DDOS 145

DDOS Cryptocurrency Marketing Internet 145

Krebs on Security

DECEMBER 8, 2021

” The Ontario Provincial Police (OPP) on Tuesday said the investigation began in January 2020 when the U.S. Perhaps the earliest and most important cybercrime forum DCReavers2 frequented was Darkode , where he was among the first two-dozen members. DCReavers2 was just the 22nd account to register on the Darkode cybercrime forum.

Cybercrime 338

Cybercrime Ransomware Accountability Advertising 338

Krebs on Security

JUNE 30, 2020

The economic laws of supply and demand hold just as true in the business world as they do in the cybercrime space. An ad for a site selling stolen payment card data, circa March 2020. “This is likely due to the fact that most of the sold data is still coming from breaches that occurred in 2019 and early 2020.”

Retail 347

Retail Banking Hacking Cybercrime 347

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software. Credit: blog.bushidotoken.net.

Phishing 341

Phishing Scams Banking Mobile 341

Krebs on Security

OCTOBER 15, 2020

Q6Cyber CEO Eli Dominitz said the breach appears to extend from May 2019 through September 2020. Gemini says its data indicated some 156 Dickey’s locations across 30 states likely had payment systems compromised by card-stealing malware, with the highest exposure in California and Arizona.

Data breaches 361

Data breaches Cybercrime Retail Banking 361

Krebs on Security

APRIL 30, 2020

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. ” Alex Holden , founder and CTO of Hold Security , agreed.

Cybercrime 359

Cybercrime Computers and Electronics Marketing Scams 359

Security Affairs

OCTOBER 14, 2021

Since 2020, at least 130 different ransomware families have been active. The analysis of the temporal distribution of ransomware-related submissions revealed a sequence of peaks in the first two quarters of 2020. Second, attackers are using a range of different approaches, including well-known botnet malware and other RATs.

Ransomware 125

Ransomware Malware Accountability Hacking 125

Security Affairs

MAY 4, 2025

When the malware was successful, the ransomware then created a ransom note on the victims system that directed the victim to send $10,000 worth of Bitcoin to a cryptocurrency address controlled by a co-conspirator and to send proof of this payment to a Black Kingdom email address.” .” reads the press release published by DoJ.

Ransomware 114

Ransomware Encryption VPN Malware 114

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 108

Architecture Internet Internet Malware 108

Krebs on Security

OCTOBER 28, 2020

Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an “imminent cybercrime threat to U.S. hospitals and healthcare providers.” ” The agencies on the conference call, which included the U.S.

Ransomware 279

Ransomware Healthcare Computers and Electronics Cybercrime 279

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 283

Cybercrime Banking Computers and Electronics DDOS 283

Security Affairs

DECEMBER 10, 2021

Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language. Unlike other malware, ALPHV (BlackCat) is the first Rust ransomware that was used in attacks in the wild by a cybercrime organization.

Ransomware 121

Ransomware Malware Cybercrime Encryption 121

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. On or about June 25, 2020, Matveev and his LockBit coconspirators targeted a law enforcement agency in Passaic County, New Jersey. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware 118

Ransomware Healthcare Hacking Malware 118

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Experts pointed out that the malware is being actively developed. RCE CVE-2020-5902 F5 BigIP RCE No CVE (vulnerability published on 2019) ThinkPHP 5.X Upon installing the threat, the bot drops a file in /tmp/.pwned

Malware 145

Malware DDOS IoT Cybercrime 145

Security Affairs

DECEMBER 20, 2024

The US Department of Justice sentenced the Ukrainian national Mark Sokolovsky (28) for his role in the distribution of the Raccoon Infostealer malware. In October 2020, the US Justice Department charged Sokolovsky with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. in restitution.”

Cryptocurrency 63

Cryptocurrency Identity Theft Cybercrime Malware 63