Security Affairs

MAY 2, 2024

in March 2022. “Ransomware is malicious software designed to encrypt data on victim computers, allowing bad actors the ability to demand a ransom payment in exchange for the decryption key.” victims, and we are disrupting the broader cybercrime ecosystem.” Vasinskyi was extradited to the U.S.

Ransomware 83

Ransomware Cryptocurrency Cybercrime Encryption 83

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. targets over 200 banking and cryptocurrency exchange apps. In March 2022, SOVA authors released version 3.0 The malware has been active since 2021 and evolves over time.

Encryption 97

Encryption Malware Banking Ransomware 97

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. We identified a Windows variant of this sample using the same string encryption algorithm, internal modules, and functionalities. The actor used cryptocurrency-related contents or complaints from law enforcement as lure themes.

Malware 136

Malware Firmware Phishing Cryptocurrency 136

Krebs on Security

FEBRUARY 20, 2024

Kondratyev is also charged (PDF) with three criminal counts arising from his alleged use of the Sodinokibi (aka “ REvil “) ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California. Matveev remains at large, presumably still in Russia.

Ransomware 283

Ransomware Cybercrime Encryption Insurance 283

SecureWorld News

JULY 3, 2023

According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Ransomware attacks grew by 41% in 2022, and identification and remediation for a breach took 49 days longer than the average breach. Ransomware is malware that encrypts the victim's data and demands a ransom for its decryption.

Cybercrime 83

Cybercrime Social Engineering Data breaches Education 83

Security Affairs

MAY 30, 2024

“According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide.” The compromised devices were recruited in the 911 S5 residential proxy service. export laws.

VPN 83

VPN Cryptocurrency Malware Software 83

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency 59

Cryptocurrency Risk Marketing Architecture 59

SecureList

NOVEMBER 22, 2022

A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. Analysis of forecasts for 2022. Also of note in 2022 are campaigns impersonating well-known software brands like Notepad++.

Cryptocurrency 92

Cryptocurrency Mobile Ransomware Banking 92

SecureWorld News

MAY 30, 2024

The cybercrime gang RansomHub has claimed responsibility and is threatening to release "a massive trove of sensitive personal information" belonging wealthy clients of Christie's unless their ransom demand is met. The world-renowned auction house Christie's has become the latest major corporation to fall victim to a ransomware attack.

Identity Theft 74

Identity Theft Hacking Ransomware Data breaches 74

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 72

Malware Cybercrime Cryptocurrency Social Engineering 72

SecureList

JANUARY 17, 2024

To be more specific, in 2023, the volume of malware log files containing compromised user data and posted for free on the dark web surged by almost 30% compared to 2022. Notable among these was BunnyLoader , inexpensive and feature-rich malware capable of stealing sensitive data and cryptocurrency.

Marketing 111

Marketing Cryptocurrency Malware Ransomware 111

SecureWorld News

FEBRUARY 16, 2023

Cybersecurity and Infrastructure Security Agency (CISA) provides an overview of the DPRK's state-sponsored ransomware and "updates the July 6, 2022, joint CSA North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector. Demand ransom in cryptocurrency. Obfuscate identity.

Healthcare 91

Healthcare Ransomware Cryptocurrency Cybercrime 91

SecureList

JANUARY 30, 2023

Just as any other business, cybercrime needs labor. We reviewed job ads and resumes that were posted on 155 dark web forums from January 2020 through June 2022 and analyzed those containing information about a long-term engagement or a full-time job. Offers like that come from hacker groups, among others.

Cybercrime 119

Cybercrime Marketing Encryption Risk 119

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 90

Data breaches Malware Mobile Spyware 90

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S.

Cryptocurrency 79

Cryptocurrency Data breaches DNS DDOS 79

The Last Watchdog

SEPTEMBER 28, 2022

According to a new study, phishing attacks rose 61 percent in 2022, with cryptocurrency fraud increasing 257 percent year-over-year. Because the address comes across as an internal team member, people trust them, ultimately exposing themselves to cybercrime. Encrypt all sensitive information and documentation.

Phishing 124

Phishing Scams Cybercrime Passwords 124

Malwarebytes

APRIL 17, 2023

Swatting is a crime that has evolved from a dangerous type of prank to a cybercrime that can be ordered as a service. NPR reported that in October 2022, 182 schools in 28 states received fake threat calls with a familiar pattern behind this wave of false calls. Payments are made in cryptocurrency to maintain anonymity.

Artificial Intelligence 95

Artificial Intelligence VPN Cryptocurrency Encryption 95

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 82

Spyware Hacking Malware Social Engineering 82

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 77

Data breaches Cybercrime Firewall Artificial Intelligence 77

Security Affairs

MAY 2, 2022

The Russian police arrested 14 alleged members of the ransomware gang and raided 25 addresses seizing computer equipment and cryptocurrency wallets. The expert noticed that the sample does not encrypt files, it only adds a random extension to the victim’s files. Timestamp 2022-04-27, new config, new mutex, campaign ID, etc.

Ransomware 81

Ransomware Encryption Cryptocurrency Malware 81

SecureList

SEPTEMBER 28, 2023

Last month we covered a wide range of cybercrime topics. But there’s more going on in the cybercrime landscape, so we also published reports on new versions of the Lumma stealer and Zanubis Android banking trojan. Lumma itself first appeared on our radar in August 2022, when we detected new samples.

Banking 99

Banking Malware Cybercrime Encryption 99

Security Affairs

MAY 21, 2023

This week, ReversingLabs researchers warned of the presence of two malicious packages, respectively named nodejs-encrypt-agent and nodejs-cookie-proxy-agent, in the npm package repository containing an open-source info-stealer called TurkoRat.

Social Engineering 84

Social Engineering Malware Cryptocurrency Engineering 84

Security Affairs

MAY 7, 2023

Despite the FBI and law enforcement bodies always recommend not paying ransom in these attacks, in this case, the department opted to pay likely because they had no other way to recover the encrypted systems or to avoid the disclosure of sensitive data. “If We are in the final! ransom appeared first on Security Affairs.

Ransomware 93

Ransomware Insurance Cryptocurrency Encryption 93

Security Affairs

MARCH 23, 2023

However, Cleafy’s Threat Intelligence & Response Team reported having detected the first Nexus infections in June 2022, months before the MaaS was publicly advertised. The Nexus Trojan can target multiple banking and cryptocurrency in an attempt to take over customers’ accounts.

Banking 74

Banking Cryptocurrency Malware Advertising 74

SecureWorld News

JUNE 2, 2022

The Karakurt gang is a relatively new cybercrime group on the block, with researchers reporting it first emerged in late 2021. Interestingly, victims of the group have not reported encryption of compromised machines or files. Many cryptocurrency wallets used by Karakurt to receive victims' payments were sending money to Conti wallets.

Ransomware 80

Ransomware Cybercrime Hacking Cryptocurrency 80

Security Affairs

MARCH 4, 2023

CISA and FBI warn of Royal ransomware operation Retailer WH Smith discloses data breach after a cyberattack GunAuction site was hacked and data of 565k accounts were exposed Cryptojacking campaign targets insecure deployments of Redis servers Cisco fixed a critical command injection bug in IP Phone Series Threat actors target law firms with GootLoader (..)

Spyware 78

Spyware Data breaches Retail Ransomware 78

Security Affairs

APRIL 9, 2023

billion rubles.

Computers and Electronics 76

Computers and Electronics Backups Cybercrime Marketing 76

Security Affairs

FEBRUARY 21, 2024

In wider action coordinated by Europol, two LockBit actors have been arrested this morning in Poland and Ukraine, over 200 cryptocurrency accounts linked to the group have been frozen.” The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data.

Energy and Utilities 85

Energy and Utilities Ransomware Manufacturing Financial Services 85

SecureList

OCTOBER 24, 2023

A good example of this is GoPIX, a malware campaign that has been active since December 2022. Next, Lumar starts three different threads, each one looking for specific data: txt,doc,jpg,rdp,xls, etc files; browser cookies and cached passwords; files associated with cryptocurrency wallets.

Ransomware 99

Ransomware Malware Advertising Passwords 99

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. of the wealth in the United States as of Q1 2022, compared to 6.5% Read More At: Top Secure Email Gateway Solutions for 2022. One particularly potent emergent technology for scammers is blockchain and the related cryptocurrency and NFTs. billion in reported losses.

Social Engineering 117

Social Engineering Energy and Utilities Phishing Scams 117

SecureWorld News

AUGUST 8, 2022

It has been sold on underground hacker forums for stealing browser data, user credentials, and cryptocurrency information. LokiBot LokiBot is a Trojan malware for stealing sensitive information, including user credentials, cryptocurrency wallets, and other credentials. AZORult's developers are constantly updating its capabilities.

Malware 82

Malware Banking Healthcare Penetration Testing 82

Security Affairs

MARCH 27, 2023

The threat actor abused Bitly shortener and an ad hoc BlogSpot account to protect the malicious code, lastly stored in an encrypted zip archive hosted on Mega.nz. The final download link is presented on BlogSpot This particular modus operandi matches a particular threat Kaspersky researchers spotted in September 2022 ( link ): NullMixer.

Malware 78

Malware Social Engineering Encryption Marketing 78

eSecurity Planet

NOVEMBER 2, 2022

billion malware attacks worldwide in just the first half of 2022. Read Top Endpoint Detection & Response (EDR) Solutions in 2022. Read More: Top Secure Email Gateway Solutions for 2022. The Rise of Ransomware: 2011-2022. It later evolved to also include file encryption. From Theory to Reality: 1948-1971.

Malware 140

Malware Ransomware Antivirus Internet 140

SecureList

APRIL 10, 2023

In 2022, Kaspersky security solutions detected 1,661,743 malware or unwanted software installers, targeting mobile users. The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners and even dating apps.

Malware 106

Malware Encryption Mobile Accountability 106

Security Affairs

FEBRUARY 20, 2024

In wider action coordinated by Europol, two LockBit actors have been arrested this morning in Poland and Ukraine, over 200 cryptocurrency accounts linked to the group have been frozen.” The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data.

Energy and Utilities 93

Energy and Utilities Ransomware Manufacturing Financial Services 93

SecureList

NOVEMBER 14, 2023

However, instead of encrypting the data, it purposefully destroyed it in the affected systems. In June, Microsoft published a report on a threat actor named Cadet Blizzard, responsible for WhisperGate and other wipers targeting Ukrainian government agencies early in 2022. We have not seen anything of the kind in 2023. Drone hacking!

Hacking 109

Hacking Energy and Utilities Media Malware 109

eSecurity Planet

OCTOBER 21, 2022

Since 2008, antivirus and cybersecurity software testers AV-TEST have kept track of the number of newly-developed malware worldwide, totaling at nearly 1 billion as of September 2022. An August 2022 Statista report counted 2.8 billion malware attacks worldwide in the first half of 2022 alone. Ransomware.

Malware 75

Malware Adware Spyware Antivirus 75