Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. In March 2022, the U.S. ” reads the analysis published by AquaSec.

Malware 139

Malware DDOS Architecture Cryptocurrency 139

Security Affairs

NOVEMBER 22, 2022

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire.

Cybercrime 89

Cybercrime Malware Cryptocurrency Advertising 89

Security Affairs

DECEMBER 12, 2022

Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers discovered a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). Download files. Open a URL.

Malware 98

Malware Cryptocurrency Hacking Software 98

Security Affairs

APRIL 4, 2023

Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant. The products from multiple cybersecurity vendors started detecting the popular software as malware suggesting that the company has suffered a supply chain attack. The wirexpro[.]com

Cryptocurrency 75

Cryptocurrency Malware Software Manufacturing 75

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. million in cryptocurrency through this program.

Cryptocurrency 122

Cryptocurrency Cybercrime Media Government 122

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Taylor Monahan is founder and CEO of MetaMask , a popular software cryptocurrency wallet used to interact with the Ethereum blockchain.

Cryptocurrency 351

Cryptocurrency Passwords Encryption Accountability 351

Security Affairs

AUGUST 30, 2022

Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners. The attackers also compromised vulnerable web applications to change their configuration to use malicious PHP scripts to deliver malware to their users. SecurityAffairs – hacking, malware).

Malware 124

Malware Cryptocurrency Hacking Technology 124

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 90

Cybercrime Spyware Data breaches Antivirus 90

SecureList

JANUARY 17, 2024

To be more specific, in 2023, the volume of malware log files containing compromised user data and posted for free on the dark web surged by almost 30% compared to 2022. Notable among these was BunnyLoader , inexpensive and feature-rich malware capable of stealing sensitive data and cryptocurrency.

Marketing 111

Marketing Cryptocurrency Malware Ransomware 111

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce.

Phishing 110

Phishing Spyware Firmware Malware 110

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. org domain and they were not containing any malware. org subdomain.

Malware 111

Malware Software Cryptocurrency Passwords 111

Security Affairs

MARCH 10, 2023

A new version of the Xenomorph Android malware includes a new automated transfer system framework and targets 400 banks. The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. Experts warn that a new variant recently discovered, tracked as Xenomorph.C,

Banking 98

Banking Malware Cryptocurrency Engineering 98

SecureList

NOVEMBER 18, 2022

IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. Rootkits are malware implants that are installed deep in the operating system. Nevertheless, in our APT predictions for 2022 , we noted that more attackers would reach the sophistication level required to develop such tools.

Malware 105

Malware Computers and Electronics Adware Cryptocurrency 105

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. On January 24, a hash for sophisticated Solaris SPARC malware was posted on Twitter. Pangolin is private malware we discovered in 2021, exclusively used by ZexCone, the threat actor behind ExCone and DexCone. The most remarkable findings.

Malware 136

Malware Firmware Phishing Cryptocurrency 136

Security Affairs

MAY 30, 2024

Since 2011, Wang and his co-conspirators had been distributing malware through malicious VPN applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. The compromised devices were recruited in the 911 S5 residential proxy service. ” reads the press release published by DoJ. based online service providers.

VPN 83

VPN Cryptocurrency Malware Software 83

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved. ” concludes the report.

Malware 105

Malware Banking Phishing Engineering 105

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The malicious code was uploaded to VirusTotal from Brazil on August 11, 2022.

Malware 87

Malware Cryptocurrency Architecture Advertising 87

SecureList

NOVEMBER 23, 2021

Finally, we will make some forecasts about financial attacks in 2022. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. First of all, we are going to analyze the forecasts we made at the end of 2020 and see how accurate they were. Analysis of forecasts for 2021.

Cryptocurrency 112

Cryptocurrency Banking Cybercrime Ransomware 112

Security Affairs

FEBRUARY 14, 2023

The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. ” concludes the report.

Malware 73

Malware DDOS Cryptocurrency Hacking 73

SecureList

FEBRUARY 16, 2023

Fake donation sites started popping up after the Ukraine crisis broke out in 2022, pretending to accept money as aid to Ukraine. These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself.

Phishing 96

Phishing Scams Accountability Energy and Utilities 96

Security Affairs

FEBRUARY 14, 2023

Threat actors published more than 451 unique malware-laced Python packages on the official Python Package Index (PyPI) repository. Phylum researchers spotted more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an attempt to deliver clipper malware on the developer systems.

Malware 68

Malware Cryptocurrency Hacking Software 68

Security Affairs

DECEMBER 8, 2022

While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. Clicking on the “Download for Android” button leads to downloading the Ermac malware. Keylogging. Stealing 2FA codes.

Malware 94

Malware Banking Cryptocurrency Advertising 94

Malwarebytes

MAY 16, 2022

2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs (PUPs). Detections of malware on Windows business machines were 143% higher in 2021 than in 2020, and 65% higher on consumer machines. Windows malware detection totals 2019-2021. Mac malware, adware and PUP detection totals 2019-2021.

Malware 87

Malware Adware Cryptocurrency Cybercrime 87

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 83

Malware Cybercrime Banking Software 83

Security Affairs

OCTOBER 6, 2022

Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group (aka EternityTeam; Eternity Project). ” reads the report published by Zscaler.

Malware 87

Malware DDOS Ransomware Cryptocurrency 87

eSecurity Planet

JANUARY 26, 2023

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware.

Malware 120

Malware Ransomware Software Cryptocurrency 120

SecureList

NOVEMBER 18, 2022

IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. According to Kaspersky Security Network, in Q3 2022: Kaspersky solutions blocked 956,074,958 attacks from online resources across the globe. Number of users attacked by banking malware. TOP 10 banking malware families.

Mobile 90

Mobile Malware Ransomware IoT 90

eSecurity Planet

JANUARY 6, 2022

About the only consensus on cybersecurity in 2022 is that things will get uglier, but in what ways? Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers. Here are some of the more interesting predictions for 2022 we’ve seen from cybersecurity researchers.

Ransomware 135

Ransomware Cybersecurity Artificial Intelligence CISO 135

Security Affairs

FEBRUARY 19, 2024

The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. The Raccoon stealer is written in C++ by Russian-speaking developers who initially promoted it exclusively on Russian-speaking hacking forums. in the stolen data.

Identity Theft 87

Identity Theft Cryptocurrency Cybercrime Hacking 87

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report. 50 in 2021).

Identity Theft 90

Identity Theft Accountability DDOS Cybercrime 90

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The malware has been active since 2021 and evolves over time. targets over 200 banking and cryptocurrency exchange apps. targets over 200 banking and cryptocurrency exchange apps. Pierluigi Paganini.

Encryption 97

Encryption Malware Banking Ransomware 97

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. SecurityAffairs – hacking, Log4Shell). Pierluigi Paganini.

Banking 85

Banking Malware Antivirus Phishing 85

eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware 140

Malware Ransomware Antivirus Internet 140

Security Affairs

JULY 21, 2022

A threat actor tracked as TA4563 is using EvilNum malware to target European financial and investment entities. A threat actor, tracked as TA4563, leverages the EvilNum malware to target European financial and investment entities, Proofpoint reported. “EvilNum malware and the TA4563 group poses a risk to financial organizations.

Malware 74

Malware Cryptocurrency Hacking Risk 74

Malwarebytes

APRIL 16, 2023

A campaign running since November 2022 is using hacked sites to push fake web browser updates to potential victims. Monero miners are trojans which hog your computer's CPU to mine for cryptocurrency. Monero miners can be seen doing the rounds in everything from Linux malware to Windows botnets.

Malware 98

Malware Cryptocurrency Hacking Ransomware 98

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. According to Kaspersky Security Network, in Q1 2022: Kaspersky solutions blocked 1,216,350,437 attacks from online resources across the globe. Number of unique users attacked by financial malware, Q1 2022 ( download ).

Mobile 104

Mobile Adware Ransomware Malware 104

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 290

Malware Software Technology Accountability 290