Security Affairs

DECEMBER 12, 2022

Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers discovered a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). Download files. Open a URL.

Malware 98

Malware Cryptocurrency Hacking Software 98

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. Cyber security and intelligence experts believe that attacks aimed at the cryptocurrency industry will continue to increase next year. trillion won ($1.2 380 billion.

Cryptocurrency 122

Cryptocurrency Cybercrime Media Government 122

Security Affairs

AUGUST 30, 2022

Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners. The attackers also compromised vulnerable web applications to change their configuration to use malicious PHP scripts to deliver malware to their users. SecurityAffairs – hacking, malware).

Malware 124

Malware Cryptocurrency Hacking Technology 124

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. org domain and they were not containing any malware. org subdomain.

Malware 111

Malware Software Cryptocurrency Passwords 111

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved. ” concludes the report.

Malware 105

Malware Banking Phishing Engineering 105

Security Affairs

MAY 30, 2024

Since 2011, Wang and his co-conspirators had been distributing malware through malicious VPN applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. The compromised devices were recruited in the 911 S5 residential proxy service. ” reads the press release published by DoJ. based online service providers.

VPN 83

VPN Cryptocurrency Malware Software 83

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The malicious code was uploaded to VirusTotal from Brazil on August 11, 2022.

Malware 87

Malware Cryptocurrency Architecture Advertising 87

Security Affairs

FEBRUARY 14, 2023

Threat actors published more than 451 unique malware-laced Python packages on the official Python Package Index (PyPI) repository. Phylum researchers spotted more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an attempt to deliver clipper malware on the developer systems.

Malware 68

Malware Cryptocurrency Hacking Software 68

Security Affairs

DECEMBER 8, 2022

While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. Clicking on the “Download for Android” button leads to downloading the Ermac malware. Keylogging. Stealing 2FA codes.

Malware 94

Malware Banking Cryptocurrency Advertising 94

Security Affairs

OCTOBER 6, 2022

Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group (aka EternityTeam; Eternity Project). ” reads the report published by Zscaler.

Malware 87

Malware DDOS Ransomware Cryptocurrency 87

Security Affairs

FEBRUARY 14, 2023

The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. ” concludes the report.

Malware 73

Malware DDOS Cryptocurrency Hacking 73

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware 83

Malware Cybercrime Banking Software 83

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 90

Cybercrime Spyware Data breaches Antivirus 90

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 290

Malware Software Technology Accountability 290

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The malware has been active since 2021 and evolves over time. targets over 200 banking and cryptocurrency exchange apps. targets over 200 banking and cryptocurrency exchange apps. Pierluigi Paganini.

Encryption 97

Encryption Malware Banking Ransomware 97

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking 85

Banking Malware Antivirus Phishing 85

Security Affairs

JULY 21, 2022

A threat actor tracked as TA4563 is using EvilNum malware to target European financial and investment entities. A threat actor, tracked as TA4563, leverages the EvilNum malware to target European financial and investment entities, Proofpoint reported. “EvilNum malware and the TA4563 group poses a risk to financial organizations.

Malware 74

Malware Cryptocurrency Hacking Risk 74

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft 90

Identity Theft Accountability DDOS Cybercrime 90

Security Affairs

JULY 3, 2023

Researchers spotted a new version of the RustBucket Apple macOS malware that supports enhanced capabilities. Researchers from the Elastic Security Labs have spotted a new variant of the RustBucket Apple macOS malware. The RustBucket malware allows operators to download and execute various payloads.

Malware 73

Malware Architecture Cryptocurrency Hacking 73

Security Affairs

SEPTEMBER 27, 2022

Threat actors behind the new ‘Erbium’ information-stealing malware are distributing it as fake cracks and cheats for popular video games to steal victims’ credentials and cryptocurrency wallets. The Malware-as-a-Service (MaaS) was advertised on a Dark Web forum by a Russian-speaking threat actor.

Malware 77

Malware Password Management Authentication Passwords 77

Security Affairs

FEBRUARY 19, 2024

The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. The malware is now promoted on English-speaking hacking forums, it works on both 32-bit and 64-bit operating systems. in the stolen data.

Identity Theft 87

Identity Theft Cryptocurrency Cybercrime Hacking 87

Security Affairs

JUNE 10, 2022

Threat actors are exploiting the recently disclosed CVE-2022-26134 RCE in Atlassian Confluence servers to deploy cryptocurrency miners. CheckPoint researchers have observed threat actors exploiting the recently disclosed CVE-2022-26134 remote code execution vulnerability in Atlassian Confluence servers to deploy cryptocurrency miners.

Cryptocurrency 112

Cryptocurrency Malware Hacking Cybersecurity 112

Security Affairs

AUGUST 1, 2023

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. The malicious code was designed to take over Facebook business accounts and steal funds from cryptocurrency wallets. environment. The author used Node.js

Accountability 83

Accountability Cryptocurrency Malware Phishing 83

Security Affairs

JUNE 18, 2022

Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. ” concludes the report.

Banking 110

Banking Cryptocurrency Malware Mobile 110

Security Affairs

JUNE 3, 2022

The bot focuses on cryptocurrency mining and cryptocurrency theft via clipboard hijacking. “The malware includes a total of 4,375 unique addresses of wallets controlled by the attacker. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cryptocurrency 135

Cryptocurrency Malware Hacking Software 135

Security Affairs

MAY 3, 2024

This second botnet exhibits greater discretion and improved operational security, as the associated malware operates exclusively in memory, leaving no malicious files on the disk. The analysis of memory dumps and command-and-control connections revealed that the botnet is running a variant of the Ngioweb malware.

Phishing 91

Phishing Cryptocurrency Internet Internet 91

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Ransomware. Password and info stealers.

Cryptocurrency 86

Cryptocurrency Social Engineering Malware Cybercrime 86

Security Affairs

JULY 15, 2022

Dragos researchers uncovered a small-scale campaign targeting industrial engineers and operators with Sality malware. During a routine vulnerability assessment, Dragos researchers discovered a campaign targeting industrial engineers and operators with Sality malware. “Dragos only tested the DirectLogic-targeting malware.

Passwords 106

Passwords Software Firmware Malware 106

Security Affairs

DECEMBER 11, 2022

Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5 Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5

Firewall 87

Firewall Banking Hacking DDOS 87

Security Affairs

OCTOBER 22, 2022

Threat actors are exploiting a now-patched vulnerability, tracked as CVE-2022-22954, in VMware Workspace ONE Access in attacks in the wild. Threat actors are actively exploiting a now-patched vulnerability, tracked as CVE-2022-22954, in VMware Workspace ONE Access to deliver cryptocurrency miners and ransomware.

Ransomware 69

Ransomware Cryptocurrency Malware Hacking 69

Security Affairs

APRIL 28, 2023

Google announced that a federal judge in the Southern District of New York unsealed its civil action against the operators of the information stealer Cryptbot. to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year. ” concludes the announcemebt.

Malware 88

Malware Cybercrime Cryptocurrency Media 88

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 72

Malware Cybercrime Cryptocurrency Social Engineering 72

Security Affairs

MAY 27, 2022

According to the experts, ERMAC is operated by threat actors behind the BlackRock mobile malware. The malware is available for rent on underground forums for $5000 per month since March 2022. Available for rent on underground forums for $5K/month since March 2022, ERMAC 2.0 A new #Android banker ERMAC 2.0 “ERMAC 2.0

Banking 140

Banking Malware Cybercrime Phishing 140

Security Affairs

FEBRUARY 26, 2023

Clasiopa group targets materials research in Asia CERT of Ukraine says Russia-linked APT backdoored multiple govt sites UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2) CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine Highly evasive cryptocurrency miner targets macOS Hackers are actively exploiting (..)

Social Engineering 76

Social Engineering Cryptocurrency Insurance Malware 76

Security Affairs

APRIL 29, 2023

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. c2 arrowlchat[.]com ” continues the report.

Encryption 82

Encryption Malware Cryptocurrency Software 82

Security Affairs

JULY 23, 2022

“The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom payments. In May 2022, the FBI filed a sealed seizure warrant for the funds worth approximately half a million dollars.”

Ransomware 122

Ransomware Healthcare Cryptocurrency Encryption 122

Security Affairs

JANUARY 25, 2023

According to Proofpoint the group is targeting cryptocurrencies since at least 2017. Federal Bureau of Investigation (FBI) this week confirmed that in June 2022 the North Korea-linked Lazarus APT group and APT38 stole $100 million worth of cryptocurrency assets from the Blockchain company Harmony Horizon Bridge.

Cryptocurrency 70

Cryptocurrency Phishing Healthcare Malware 70