Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency 112

Cryptocurrency Malware Hacking Data breaches 112

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing 293

Phishing Cryptocurrency DDOS Internet 293

SecureList

MAY 28, 2025

The threat actors behind Zanubis continue to refine its code adding features, switching between encryption algorithms, shifting targets, and tweaking social engineering techniques to accelerate infection rates. 2023: Multi-feature upgrade In April 2023, we identified a new campaign featuring a revamped version of Zanubis.

Banking 107

Banking Malware Energy and Utilities Encryption 107

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

SecureList

FEBRUARY 5, 2025

In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. It encrypts data with AES-256 in CBC mode before sending and decrypts server responses with AES-128 in CBC mode. With this key, it encrypts the data, pre-compressed with ZSTD. In both cases, the keys are hard-coded constants.

Malware 142

Malware Encryption Mobile Cryptocurrency 142

Krebs on Security

DECEMBER 29, 2022

I will also continue to post on LinkedIn about new stories in 2023. You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers.

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Security Affairs

MARCH 13, 2025

Notably, they target CVE-2024-1709 (ScreenConnect authentication bypass) and CVE-2023-48788 (Fortinet EMS SQL injection) to infiltrate systems. Medusa operators leverage legitimate remote access tools like AnyDesk, Atera, and Splashtop, alongside RDP and PsExec, to move laterally and locate files for exfiltration and encryption.

Ransomware 71

Ransomware Encryption Cryptocurrency Insurance 71

SecureList

DECEMBER 1, 2023

Analysis of samples exploiting CVE-2023-23397 vulnerability On March 14, Microsoft reported a critical Elevation of Privilege (EoP) vulnerability (CVE-2023-23397) in the Outlook client. This feature bypass vulnerability (CVE-2023-29324) was itself patched in May.

Malware 139

Malware Ransomware Encryption Energy and Utilities 139

CyberSecurity Insiders

DECEMBER 18, 2022

A look ahead to 2023 we can expect to see changes in MFA, continued Hactivism from non-state actors, CISOs lean in on more proactive security and crypto-jackers will get more savvy. The hijacking of computer resources to mine cryptocurrencies is one of the fastest growing types of cyber-threats globally.

Cybersecurity 125

Cybersecurity CISO Insurance Ransomware 125

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption 113

Encryption Passwords IoT Firewall 113

eSecurity Planet

DECEMBER 7, 2023

Encryption scrambles data to make it unreadable to those without decryption keys. Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. Encryption algorithm types will provide an overview of the mathematical algorithms used to encrypt data (AES, RSA, etc.),

Encryption 109

Encryption Authentication Passwords Password Management 109

SecureList

NOVEMBER 22, 2022

A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. Cryptocurrency targeted attacks. Analysis of forecasts for 2022. Rise and consolidation of information stealers.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

Krebs on Security

FEBRUARY 20, 2024

Kondratyev is also charged (PDF) with three criminal counts arising from his alleged use of the Sodinokibi (aka “ REvil “) ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California. In May 2023, U.S. Black Ransomware.

Ransomware 331

Ransomware Cybercrime Encryption Insurance 331

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption 98

Encryption Malware Cryptocurrency Software 98

Anton on Security

FEBRUARY 7, 2024

This quick and easy money maker serves a clear profit motive for criminal actors, as it allows threat actors to use a victim’s cloud processing power to mine for cryptocurrency in a shorter period of time. ” [ A.C. — free free money for malefactors, why change?

Cybersecurity 246

Cybersecurity Ransomware Passwords Cryptocurrency 246

Malwarebytes

MAY 1, 2025

In 2023, famous YouTube tech personality Linus Sebastian suffered a hack of three different YouTube channels associated with his company, Linus Media Group. The hackers hijacked the channels to spread cryptocurrency scams, while deleting some of the groups old videos in the process. Prevent intrusions and stop malicious encryption.

Small Business 106

Small Business Cybersecurity Scams Passwords 106

Malwarebytes

MARCH 8, 2023

It seems like LockBit wasn’t content with having us merely crown them as one of the five most serious cyberthreats facing businesses in 2023. The US Department of Health and Human Services (HHS) even released a detailed report on Royal and ALPHV in mid-January 2023 outlining the dual threat to the US health sector.

Ransomware 98

Ransomware Healthcare Government Education 98

SecureList

APRIL 23, 2025

The South Korean National Cyber Security Center published its own security advisory in 2023 against such incidents, and also published additional joint security advisories in cooperation with the UK government. SIGNBT The SIGNBT we documented in 2023 was version 1.0, All traffic is encrypted with the generated AES key.

Malware 143

Malware Software Encryption Internet 143

Malwarebytes

DECEMBER 29, 2023

As the holidays put people closer to family and friends (and ransomware gangs closer to attacking— seriously, watch out for that ), Malwarebytes Labs is sharing some of the brighter moments of 2023 in which ransomware gangs didn’t get what they wanted. Here are four times ransomware gangs failed in 2023. Stop malicious encryption.

Ransomware 124

Ransomware Malware Backups Encryption 124

SecureWorld News

OCTOBER 31, 2022

Persistent ransomware threats, increasing risk to critical infrastructure, state-sponsored activity, more bad actors, and new, disruptive technologies are the five cyber threat narratives noted in the National Cyber Threat Assessment 2023-2024 recently released by the Canadian Centre for Cyber Security.

Cyber threats 98

Cyber threats Consumer Services Technology Cybercrime 98

SecureList

NOVEMBER 29, 2024

While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different. In June 2023, Tropic Trooper initiated a series of persistent campaigns targeting a government body in the Middle East. In 2023, there were 16 active partners.

Energy and Utilities 104

Energy and Utilities Ransomware Malware Government 104

Security Affairs

FEBRUARY 5, 2025

In March 2023, ESET found malware in modified versions of messengers using OCR to scan the victim’s gallery for images with recovery phrases to restore access to crypto wallets. ” The component communicates with C2 servers and execute commands from an encrypted GitLab file.

Malware 71

Malware Mobile Cryptocurrency Encryption 71

CyberSecurity Insiders

APRIL 12, 2023

The Australian government is set to issue a complete ban on ransomware payments after one of its major financial lenders became the target of a massive file-encrypting malware attack on March 16th this year. Technically, transactions related to digital cryptocurrencies like Bitcoin and Monero are anonymous and therefore hard to ban.

Cyber Attacks 112

Cyber Attacks Ransomware Cryptocurrency Government 112

Zero Day

JUNE 17, 2025

Also in the mix were several European banks, apps such as Tinder and Snapshot, the Binance cryptocurrency exchange, and even encrypted chat apps like Signal and WhatsApp. Since SMS lacks the proper encryption, it has never been a safe and secure way to exchange authentication codes or other private information.

Authentication 100

Authentication Password Management Small Business Passwords 100

Security Affairs

NOVEMBER 5, 2023

An arbitrage bot is a tool that allows users to profit from cryptocurrency rate differences between platforms. Elastic researchers traced this campaign to April 2023 through the RC4 key used to encrypt the SUGARLOADER and KANDYKORN C2. The attack chain aimed at infecting the target system with the KANDYKORN macOS malware.

Engineering 131

Engineering Malware Cryptocurrency Encryption 131

Krebs on Security

APRIL 20, 2023

In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed.

Malware 331

Malware Software Technology Accountability 331

SecureList

APRIL 3, 2023

Three years ago, we were investigating an infection of a cryptocurrency company located in Southeast Asia. Over the years, we observed few victims compromised with Gopuram, but the number of infections began to increase in March 2023. regtrans-ms, an encrypted shellcode payload. regtrans-ms file.

Cryptocurrency 145

Cryptocurrency Encryption Software Malware 145

Malwarebytes

SEPTEMBER 19, 2023

In March of 2023, we reported how the German Regional Police and the Ukrainian National Police, with support from Europol, the Dutch Police, and the United States Federal Bureau of Investigations (FBI), apprehended two suspects and seized computer equipment. Cryptocurrency investigators use specialized strategies to track down criminals.

Ransomware 144

Ransomware Backups Cryptocurrency Cybercrime 144

SecureList

NOVEMBER 29, 2024

This type of cyberextortion predated Trojans, which encrypt the victim’s files. In 2020 — 2023, one of them was an active cyberextortionist who attacked organizations in several countries, causing a total of at least $1.9 Reveton was among the most notorious PC screen lockers. million in damage.

Mobile 106

Mobile Adware Ransomware Malware 106

Security Affairs

JULY 19, 2024

They would then deploy LockBit ransomware on victim computer systems and both steal and encrypt stored data. “ Between 2020 and 2023, the duo targeted organizations worldwide. . “ Between 2020 and 2023, the duo targeted organizations worldwide. ” reads the press release published by DoJ.

Ransomware 142

Ransomware Healthcare Encryption Government 142

SecureList

AUGUST 30, 2023

IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus.

Malware 98

Malware Spyware Government Cryptocurrency 98

Security Affairs

DECEMBER 15, 2023

GokuMarket, a cryptocurrency exchange, was recently acquired by Canada-based crypto exchange ByteX. GokuMarket’s exposed database was discovered in October 2023 and secured the next day after researchers sent a responsible disclosure note. Meanwhile, the open instance held a trove of sensitive data on over a million users.

Passwords 134

Passwords Cryptocurrency Scams Mobile 134

Security Affairs

MAY 2, 2024

“Ransomware is malicious software designed to encrypt data on victim computers, allowing bad actors the ability to demand a ransom payment in exchange for the decryption key.” .” reads the press release published by DoJ. This included seizing 39.89138522 Bitcoin and $6.1 million in U.S.

Ransomware 128

Ransomware Cryptocurrency Cybercrime Encryption 128

Malwarebytes

JULY 14, 2023

Chainalysis, a blockchain research firm, looked at data from monitored cryptocurrency wallets, concluding that around $449 million has been taken from victims in the last six months. As an example of payout sizes, BlackBasta’s 2023 average payment size is $762,634 and its median is $147,106. Stop malicious encryption.

Ransomware 98

Ransomware Cryptocurrency Backups Scams 98

SecureWorld News

FEBRUARY 16, 2023

9, 2023, alert issued by the U.S. This advisory highlights TTPs and IOCs DPRK cyber actors used to gain access to and conduct ransomware attacks against Healthcare and Public Health (HPH) Sector organizations and other critical infrastructure sector entities, as well as DPRK cyber actors' use of cryptocurrency to demand ransoms."

Healthcare 116

Healthcare Ransomware Cryptocurrency Accountability 116

Security Affairs

JUNE 26, 2024

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in attacks against Redis servers, aimed at deploying both ransomware and cryptocurrency mining payloads. lockedfiles appended.”

Ransomware 128

Ransomware Cryptocurrency Malware Passwords 128

CyberSecurity Insiders

JANUARY 19, 2023

As the malware targeted, the core servers, orders and billing were deeply affected, resulting in temporary shut of the outlets from afternoon hours of January 18th, 2023, i.e. Wednesday. NOTE- In a ransomware incident, hackers first steal information from the targeted database and then encrypt it until a ransom is paid in Cryptocurrency.

Ransomware 111

Ransomware Cryptocurrency Cyber Attacks Malware 111