Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

DECEMBER 29, 2022

Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Review review below. agencies].

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing 293

Phishing Cryptocurrency DDOS Internet 293

SecureList

NOVEMBER 10, 2022

Cryptocurrency prices were dropping from the end of 2021 and throughout the first half of 2022. Apart from cryptocurrency theft they extort digital money or illicitly mine it using victim’s devices instead of their own. Cybercriminals pay neither for equipment, nor for electricity, which is rather expensive in 2022.

Cryptocurrency 135

Cryptocurrency Malware Software Ransomware 135

SecureList

MAY 28, 2025

Introduction Zanubis is a banking Trojan for Android that emerged in mid-2022. The threat actors behind Zanubis continue to refine its code adding features, switching between encryption algorithms, shifting targets, and tweaking social engineering techniques to accelerate infection rates.

Banking 107

Banking Malware Energy and Utilities Encryption 107

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. This may allow hackers to gain server privileges, delete or steal data, or even lead to an encryption extortion, critically endangering normal business services.” ” warns Censys.

Cryptocurrency 120

Cryptocurrency Internet Internet Hacking 120

Anton on Security

JULY 7, 2022

for “ransomware” in the cloud] observed was where attackers were seen brute forcing SQL databases, cloning a database table into a new table , encrypting the data, and proceeding to drop the original table. ” [A.C.?—?cloud cloud ransomware isn’t really ‘a ware’, but a RansomOp where humans?—?not not malware?—?do

Cybersecurity 246

Cybersecurity Cryptocurrency Ransomware Education 246

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. We identified a Windows variant of this sample using the same string encryption algorithm, internal modules, and functionalities. The actor used cryptocurrency-related contents or complaints from law enforcement as lure themes.

Malware 145

Malware Firmware Phishing Cryptocurrency 145

eSecurity Planet

JANUARY 6, 2022

About the only consensus on cybersecurity in 2022 is that things will get uglier, but in what ways? Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers. Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers.

Ransomware 136

Ransomware Cybersecurity Artificial Intelligence CISO 136

eSecurity Planet

DECEMBER 7, 2023

Encryption scrambles data to make it unreadable to those without decryption keys. Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. Encryption algorithm types will provide an overview of the mathematical algorithms used to encrypt data (AES, RSA, etc.),

Encryption 109

Encryption Authentication Passwords Password Management 109

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption 98

Encryption Malware Cryptocurrency Software 98

SecureList

NOVEMBER 18, 2022

IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. Nevertheless, in our APT predictions for 2022 , we noted that more attackers would reach the sophistication level required to develop such tools. Non-mobile statistics. Mobile statistics. Targeted attacks. Other malware.

Malware 123

Malware Computers and Electronics Adware Cryptocurrency 123

Centraleyes

DECEMBER 16, 2024

By 2027, 75% of employees are expected to acquire or modify technology outside of ITs control, up from 41% in 2022. Expect to see more investments in privacy-enhancing technologies (PETs) such as encryption, anonymization, and data masking. In 2025, more attention will be given to developing quantum-resistant encryption techniques.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

Webroot

OCTOBER 14, 2022

In other words, 2022 has been an eventful year in the threat landscape, with malware continuing to take center stage. The 6 Nastiest Malware of 2022. 2022 was no different. 2022 was no different. With that, here are the 6 Nastiest Malware of 2022. Here are this year’s wicked winners.

Malware 95

Malware Antivirus DDOS Cyber Insurance 95

Webroot

JANUARY 7, 2022

In 2022, the widespread growth of mobile access will increase the prevalence of mobile malware, given all of the behavior tracking capabilities,” says Grayson Milbourne, security intelligence director, Carbonite + Webroot, OpenText companies. “As Cryptocurrency. What to expect in 2022? Malware made leaps and bounds in 2021.

Cybercrime 116

Cybercrime Ransomware Phishing Cryptocurrency 116

SecureList

AUGUST 10, 2022

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies. We have indeed been able to identify more samples of VileRAT-associated malicious files and new infrastructure since March 2022, which may be a symptom of an increase in compromise attempts.

Cryptocurrency 118

Cryptocurrency Encryption Social Engineering Passwords 118

Security Affairs

AUGUST 15, 2022

The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. targets over 200 banking and cryptocurrency exchange apps. In March 2022, SOVA authors released version 3.0 The malware has been active since 2021 and evolves over time.

Encryption 98

Encryption Malware Banking Ransomware 98

eSecurity Planet

FEBRUARY 24, 2025

A glimpse inside Black Basta Active since 2022, Black Basta has built a reputation for high-profile attacks using double-extortion tactics. The group typically encrypts victims data, threatening to leak it unless a hefty ransom is paid. In 2022, the Conti ransomware group collapsed after its internal communications were exposed.

Ransomware 67

Ransomware Phishing Healthcare Cryptocurrency 67

Security Affairs

JULY 23, 2022

“The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom payments. In May 2022, the FBI filed a sealed seizure warrant for the funds worth approximately half a million dollars.”

Ransomware 145

Ransomware Healthcare Cryptocurrency Encryption 145

Krebs on Security

FEBRUARY 20, 2024

Kondratyev is also charged (PDF) with three criminal counts arising from his alleged use of the Sodinokibi (aka “ REvil “) ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California. Matveev remains at large, presumably still in Russia.

Ransomware 331

Ransomware Cybercrime Encryption Insurance 331

Krebs on Security

APRIL 20, 2023

3CX hired incident response firm Mandiant , which released a report on Wednesday that said the compromise began in 2022 when a 3CX employee installed a malware-laced software package distributed via an earlier software supply chain compromise that began with a tampered installer for X_TRADER , a software package provided by Trading Technologies.

Malware 331

Malware Software Technology Accountability 331

Security Affairs

JULY 15, 2022

The Holy Ghost ransomware appends the file extension.h0lyenc to filenames of encrypted files. The HolyRS.exe was first detected in October 2021, HolyLocker.exe in March 2022 and BTLC.exe in April 2022. The group maintains an.onion site, which is used by the group to interact with their victims.

Ransomware 145

Ransomware Cryptocurrency Government Small Business 145

Malwarebytes

MAY 1, 2025

The hackers hijacked the channels to spread cryptocurrency scams, while deleting some of the groups old videos in the process. The attack was largely reminiscent of a 2022 YouTube account hack that repurposed a 2018 interview with Apple CEO Tim Cook to fool viewers into following a separate cryptocurrency scam.

Small Business 103

Small Business Cybersecurity Scams Passwords 103

SecureList

APRIL 21, 2025

Among these threats, Lumma Stealer has emerged as a particularly sophisticated player since its introduction in 2022 by the threat actor known as Lumma. Fake Telegram channels for pirated content and cryptocurrencies. Communication with these servers is typically via encrypted HTTP POST requests.

Malware 83

Malware Cryptocurrency Software Phishing 83

Security Affairs

SEPTEMBER 19, 2024

An international law enforcement operation infiltrated the encrypted messaging app Ghost, which was widely used by criminals, resulting in the arrest of dozens of individuals. An international law enforcement operation infiltrated the encrypted communications app Ghost, designed for criminal use, leading to numerous arrests.

Encryption 130

Encryption Cryptocurrency Mobile Hacking 130

Security Affairs

MAY 2, 2022

The Russian police arrested 14 alleged members of the ransomware gang and raided 25 addresses seizing computer equipment and cryptocurrency wallets. The expert noticed that the sample does not encrypt files, it only adds a random extension to the victim’s files. Timestamp 2022-04-27, new config, new mutex, campaign ID, etc.

Ransomware 116

Ransomware Encryption Cryptocurrency Malware 116

Malwarebytes

FEBRUARY 17, 2023

Depending on the flow of infection, targets can expect to find a demand for payment to unlock encrypted files or sneaky malware looking to grab cryptocurrency details from system clipboard functions. The email is cryptocurrency themed, and claims that a payment of yours has “timed out” and will need resending.

Ransomware 98

Ransomware Malware Cryptocurrency Encryption 98

eSecurity Planet

JUNE 16, 2022

Cyber criminals may damage, destroy, steal, encrypt, expose, or leak data as well as cause harm to a system. Also read: Best Antivirus Software of 2022. The 2022 SonicWall Cyber Threat Report found that all types of cyberattacks increased in 2021. Encrypted threats spiked 167%, ransomware increased 105%, and 5.4

Backups 145

Backups Ransomware Firewall Malware 145

CyberSecurity Insiders

APRIL 19, 2022

M-Trends 2022 report not only disclosed what threat actors are doing, but has also offered ways to mitigate risks. And from early 2022, the focus of the cyber criminals has shifted towards core business environments such as virtualization as any attack on such operations will lead to complex IT disasters.

Ransomware 120

Ransomware Cyber Insurance Insurance Cryptocurrency 120

CyberSecurity Insiders

JANUARY 7, 2022

So, all those school districts that were hosting their web portals on the servers of the web development company were inaccessible to students, parents, and staff since Tuesday this week- January 6th,2022. And the name of the group that launched the file encrypting malware attack will be revealed as soon as the investigation gets over.

Ransomware 114

Ransomware Encryption Cryptocurrency Education 114

Security Affairs

DECEMBER 15, 2023

GokuMarket, a cryptocurrency exchange, was recently acquired by Canada-based crypto exchange ByteX. The move came after GokuMarket, which had around a million users at the time, almost went bankrupt after denying users a withdrawal option in mid-2022, a disastrous year for crypto.

Passwords 134

Passwords Cryptocurrency Scams Mobile 134

Security Affairs

MAY 2, 2024

in March 2022. “Ransomware is malicious software designed to encrypt data on victim computers, allowing bad actors the ability to demand a ransom payment in exchange for the decryption key.” Vasinskyi was extradited to the U.S. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019.

Ransomware 128

Ransomware Cryptocurrency Cybercrime Encryption 128

CyberSecurity Insiders

JANUARY 3, 2022

LA Secure” is the free application that is available from January 3rd,2022 and will be open to Android and iOS platforms. LA Secure app will also assist consumers in protecting them from phishing links and other malicious threats such as cryptocurrency mining malware.

Adware 121

Adware Cyber threats Mobile Malware 121

SecureList

NOVEMBER 22, 2022

A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. Analysis of forecasts for 2022. Also of note in 2022 are campaigns impersonating well-known software brands like Notepad++.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

CyberSecurity Insiders

JANUARY 23, 2023

The threat actors are adamant in their demand for charging cryptocurrency in millions and are not ready to entertain any negotiation of hackers. NOTE- Play Ransomware aka PlayCrypt is a kind of file encrypting malware that was first identified in June 2022.

Identity Theft 127

Identity Theft Data breaches Insurance Ransomware 127

Security Affairs

SEPTEMBER 25, 2022

builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S. builder Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Hackers stole $160 Million from Crypto market maker Wintermute U.S.

Cryptocurrency 100

Cryptocurrency Data breaches DNS DDOS 100

Security Affairs

JUNE 27, 2022

Threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony on Thursday evening. Last week threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. peckshield) June 24, 2022. — Harmony (@harmonyprotocol) June 26, 2022. 99,334,302.58 99,334,302.58

Cryptocurrency 98

Cryptocurrency Encryption Hacking Accountability 98