Security Affairs

DECEMBER 27, 2024

North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers. Since November 2024, threat actors employed the malware OtterCookie, alongside BeaverTail and InvisibleFerret, in the campaign.

Malware 89

Malware Cryptocurrency Software Hacking 89

Security Affairs

JUNE 6, 2025

offers up to $10M for info on state hackers linked to RedLine malware and its creator, Maxim Rudometov, tied to attacks on U.S. “Maxim Alexandrovich Rudometov (Максим Александрович Рудомётов), born in 1999 in the Luhansk region of Ukraine, developed and has sold “information stealer” malware known as RedLine.”

Malware 87

Malware Passwords Identity Theft Accountability 87

Security Affairs

SEPTEMBER 22, 2022

Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. “We observed the active exploitation of CVE-2022-26134 , an unauthenticated remote code execution (RCE) vulnerability with a critical rating of 9.8 ” concludes the report.

Cryptocurrency 138

Cryptocurrency Firewall Malware Hacking 138

Security Affairs

MAY 24, 2025

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The malware spreads via malspam campaigns, it inserts replies in active email threads. The DOJ has now filed to forfeit over $24 million in seized cryptocurrency. ” reads the press release published by DoJ.

Cybercrime 122

Cybercrime Cryptocurrency Ransomware Malware 122

Trend Micro

SEPTEMBER 21, 2022

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.

Cryptocurrency 110

Cryptocurrency Malware Cyber threats Mobile 110

Security Boulevard

MAY 11, 2022

With more people looking to cash in on hype surrounding the cryptocurrency market than ever before and an increasing digital workforce which may lack awareness of network security set-ups, cybercriminal activity remains rampant. The post Which phishing scams are trending in 2022? appeared first on Security Boulevard.

Scams 145

Scams Phishing Cryptocurrency Marketing 145

Security Affairs

DECEMBER 22, 2024

Panev and other developers were tasked to create and maintain the malware and infrastructure, while affiliates executed attacks and extorted ransoms, splitting the proceeds. Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024. ” reads the press release published by DoJ.

Ransomware 120

Ransomware Small Business Antivirus Malware 120

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Taylor Monahan is founder and CEO of MetaMask , a popular software cryptocurrency wallet used to interact with the Ethereum blockchain.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

Trend Micro

MARCH 28, 2023

We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second half of 2022.

Malware 145

Malware VPN Cryptocurrency 145

Security Affairs

DECEMBER 4, 2022

The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. ” reads the report published by Volexity.

Cryptocurrency 100

Cryptocurrency Malware Hacking Information Security 100

SecureList

NOVEMBER 10, 2022

Cryptocurrency prices were dropping from the end of 2021 and throughout the first half of 2022. Apart from cryptocurrency theft they extort digital money or illicitly mine it using victim’s devices instead of their own. Cybercriminals pay neither for equipment, nor for electricity, which is rather expensive in 2022.

Cryptocurrency 135

Cryptocurrency Malware Software Ransomware 135

Graham Cluley

JUNE 12, 2025

ⓘ Malware attack disguises itself as DeepSeek installer Graham Cluley @ 10:47 am, June 12, 2025 @grahamcluley.com @ [email protected] Cybercriminals are exploiting the growing interest in open source AI models by disguising malware as a legitimate installer for DeepSeek. How are the bad guys spreading the malware?

Malware 62

Malware Cryptocurrency Accountability Advertising 62

The Hacker News

DECEMBER 12, 2022

A cryptocurrency mining attack targeting the Linux operating system also involved the use of an open source remote access trojan (RAT) dubbed CHAOS.

Cryptocurrency 98

Cryptocurrency Malware Software 98

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. Emerging in 2007 as a banking trojan, QakBot (a.k.a.

Hacking 315

Hacking Malware Ransomware Government 315

eSecurity Planet

DECEMBER 21, 2021

There are few guarantees in the IT industry, but one certainty is that as the world steps into 2022, ransomware will continue to be a primary cyberthreat. Cryptocurrency Fuels Ransomware. One constant in all this will be cryptocurrency, the coin of the realm when it comes to ransomware. It is because of the cash cow.

Cryptocurrency 140

Cryptocurrency Ransomware Cybercrime Social Engineering 140

SecureList

DECEMBER 16, 2024

Review of last year’s predictions The number of services providing AV evasion for malware (cryptors) will increase We continuously monitor underground markets for the emergence of new “cryptors,” which are tools specifically designed to obfuscate the code within malware samples.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

SecureList

SEPTEMBER 8, 2022

H1 2022 in numbers. In H1 2022, malicious objects were blocked at least once on 31.8% Percentage of ICS computers on which malicious objects were blocked, January – June 2020, 2021, and 2022. 15 countries and territories with the highest percentage of ICS computers on which malicious objects were blocked, H1 2022.

Spyware 126

Spyware Cryptocurrency Phishing Ransomware 126

Security Boulevard

MARCH 16, 2023

Ben is disappointed: FBI reports huge rise in cryptocurrency investment scams. The post Scams Lost US $10 BILLION in 2022 — Crypto Fraud Grows Fast appeared first on Security Boulevard. Why am I not surprised?

Scams 140

Scams Cryptocurrency Social Engineering Internet 140

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. In March 2022, the U.S. ” reads the analysis published by AquaSec.

Malware 145

Malware DDOS Architecture Cryptocurrency 145

The Hacker News

MARCH 29, 2023

Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. Clipboard injectors [.]

Malware 134

Malware Cryptocurrency 134

SecureList

AUGUST 15, 2022

IT threat evolution in Q2 2022. IT threat evolution in Q2 2022. IT threat evolution in Q2 2022. According to Kaspersky Security Network, in Q2 2022: 5,520,908 mobile malware, adware and riskware attacks were blocked. Number of attacks targeting users of Kaspersky mobile solutions, Q1 2020 — Q2 2022 ( download ).

Mobile 141

Mobile Adware Banking Malware 141

Malwarebytes

DECEMBER 5, 2022

In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. One of the group's preferred tactics is to use trojanized cryptocurrency related apps, like AppleJeus. Lazarus Group. Second wave.

Cryptocurrency 94

Cryptocurrency Malware Scams Cybercrime 94

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 331

Malware Software Technology Accountability 331

Krebs on Security

DECEMBER 29, 2022

Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Review review below. agencies].

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. GoDaddy’s latest SEC filing indicates the company had nearly 7,000 employees as of December 2022.

Hacking 332

Hacking Social Engineering Phishing Scams 332

CyberSecurity Insiders

MAY 1, 2022

A Texas school district has hit Google headlines as one of its employees was caught mining cryptocurrency without permission of the school management or the government officials. And a separate IT probe has been ordered to audit the entire IT infrastructure of the school district to find any malware or botnet operations.

Cryptocurrency 123

Cryptocurrency Firewall Government Education 123

Security Affairs

OCTOBER 30, 2023

A sophisticated malware tracked as StripedFly remained undetected for five years and infected approximately one million devices. Researchers from Kaspersky discovered a sophisticated malware, dubbed StripedFly, that remained under the radar for five years masquerading as a cryptocurrency miner.

Malware 139

Malware Cryptocurrency Ransomware Hacking 139

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. Cyber security and intelligence experts believe that attacks aimed at the cryptocurrency industry will continue to increase next year. trillion won ($1.2 billion (about 2.7

Cryptocurrency 141

Cryptocurrency Cybercrime Media Government 141

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce.

Phishing 134

Phishing Spyware Firmware Malware 134

Malwarebytes

APRIL 26, 2022

Rogue Google ads caused no end of misery for cryptocurrency enthusiasts, costing them roughly $4.31 This is an astonishing slice of cryptocurrency cash to lose for the sake of clicking on something in a search engine. pic.twitter.com/aucIcnsCd7 — SlowMist (@SlowMist_Team) April 21, 2022. Bad ads are at it again.

Cryptocurrency 132

Cryptocurrency Phishing Engineering Mobile 132

Security Affairs

APRIL 3, 2025

The operation, which has been ongoing since 2022, identified 1,393 suspects, arrested 79, and seized over 3,000 devices. million users worldwide logged on to the platform between April 2022 and March 2025. Unlike other platforms, Kidflix allowed streaming and used cryptocurrency-based payments. “A total of 1.8

Cryptocurrency 100

Cryptocurrency Cybercrime Hacking Information Security 100

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. On January 24, a hash for sophisticated Solaris SPARC malware was posted on Twitter. Pangolin is private malware we discovered in 2021, exclusively used by ZexCone, the threat actor behind ExCone and DexCone. The most remarkable findings.

Malware 145

Malware Firmware Phishing Cryptocurrency 145

Security Affairs

AUGUST 30, 2022

Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners. The attackers also compromised vulnerable web applications to change their configuration to use malicious PHP scripts to deliver malware to their users. SecurityAffairs – hacking, malware).

Malware 142

Malware Cryptocurrency Hacking Technology 142

Heimadal Security

DECEMBER 13, 2022

Linux users have been targeted in a cryptocurrency mining campaign that uses CHAOS, an open-source remote access trojan (RAT). The post Linux Users Hit With CHAOS Malware in Cybersecurity Mining Campaign appeared first on Heimdal Security Blog.

Malware 119

Malware Cybersecurity Cryptocurrency 119

Security Affairs

FEBRUARY 24, 2023

Researchers warn of an evasive cryptojacking malware targeting macOS which spreads through pirated applications Jamf Threat Labs researchers reported that an evasive cryptojacking malware targeting macOS was spotted spreading under the guise of the Apple-developed video editing software, Final Cut Pro. ” concludes the report.

Cryptocurrency 98

Cryptocurrency Malware Software Passwords 98

SecureList

APRIL 23, 2025

We found that the malware was running in the memory of a legitimate SyncHost. Although the exact method by which Cross EX was exploited to deliver malware remains unclear, we believe that the attackers escalated their privileges during the exploitation process as we confirmed the process was executed with high integrity level in most cases.

Malware 143

Malware Software Encryption Internet 143

Security Affairs

JANUARY 11, 2025

Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. that helped crooks launder cryptocurrency. was active from 2018 to 2022, while Sinbad.io and Sinbad.io Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on Dec.

Cybercrime 74

Cybercrime Cryptocurrency Hacking Ransomware 74