Advertising, Antivirus, Cryptocurrency and Hacking

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Image: FBI. Image: FBI. Tan DaiLin, a.k.a. Image: iDefense.

Antivirus

Antivirus Hacking Government Software

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

Crooks made more than $560K with a simple clipboard hijacker

Security Affairs

APRIL 19, 2021

Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018.

Cryptocurrency

Cryptocurrency Malware Hacking Banking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Security Affairs

MARCH 28, 2019

The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. In 2018, the Lazarus APT group targeted several cryptocurrency exchanges , including the campaign tracked as Operation AppleJeus discovered in August 2018. ” Kaspersky says. .

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

Cryptocurrency Attacks to be Aware of in 2021

Digital Shadows

JUNE 7, 2021

It’s been a pretty big year so far for cryptocurrency. Cryptocurrencies’ current total market cap sits just above $1.7 The cryptocurrency exchange Coinbase recently launched an IPO, India has reversed a ban on cryptocurrencies, and ransomware groups continue to demand payment in anonymity-based cryptocurrency.

Cryptocurrency

Cryptocurrency Phishing Advertising Antivirus

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

Security Boulevard

MARCH 30, 2022

Introduction: Hacking forums often double up as underground marketplaces where cybercriminals buy, rent, and sell all kinds of malicious illegal products, including software, trojans, stealers, exploits, and leaked credentials. BlackGuard detects antivirus processes. This allows it to bypass antivirus and string-based detection.

Malware

Malware Hacking Antivirus Passwords

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

The malware has been active since at least December 2018, it targets cryptocurrency users as a triple threat. The malware uses the victim’s resource to mine cryptocurrency, steals cryptocurrency wallet-related files, and replaces wallet addresses in the clipboard to hijack cryptocurrency payments.

Cryptocurrency

Cryptocurrency Antivirus Malware Advertising

QwixxRAT, a new Windows RAT appears in the threat landscape

Security Affairs

AUGUST 15, 2023

The Uptycs Threat Research team discovered the QwixxRAT (aka Telegram RAT) in early August 2023 while it was advertised through Telegram and Discord platforms. “To avoid detection by antivirus software, the RAT employs command and control functionality through a Telegram bot. .

Malware

Malware Antivirus Cryptocurrency Advertising

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Cybercriminals are interested in hacking your IP address for various reasons. The hacked and stolen IPs are often used for carrying out illegal activities.

Hacking

Hacking VPN Internet Internet

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Spyware

Spyware Hacking Advertising Antivirus

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Security Affairs

SEPTEMBER 14, 2019

Researchers at Z s caler have spotted a new malware dubbed InnfiRAT that infects victims’ systems to steal cryptocurrency wallet data. . Researchers at Z s caler have discovered a new Trojan dubbed InnfiRAT that implements many standard Trojan capabilities along with the ability to steal cryptocurrency wallet data. .

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

Security Affairs

JANUARY 2, 2020

The Google Chrome extension was injecting JavaScript code on web pages to steal passwords and private keys from cryptocurrency wallets and cryptocurrency portals. At the time of writing, the installers for the desktop app of the Shitcoin Wallet are not detected as malicious by major antivirus solutions. Pierluigi Paganini.

Passwords

Passwords Cryptocurrency Advertising Antivirus

Romanian duo convicted of fraud Scheme infecting 400,000 computers

Security Affairs

APRIL 14, 2019

The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Identity Theft Advertising Accountability

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

.” The malicious code supports multiple commands, it could launch overlay attacks, log keystrokes, send spam the victims’ contact lists with SMS messages, and prevent victims from using antivirus software. The list of targeted apps includes cryptocurrency wallet applications (i.e. Pierluigi Paganini.

Malware

Malware Banking Mobile Spyware

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

It has been sold on underground hacker forums for stealing browser data, user credentials, and cryptocurrency information. FormBook FormBook is an information stealer advertised in hacking forums. AZORult AZORult is used to steal information from compromised systems. Remcos installs a backdoor onto a target system.

Malware

Malware Banking Healthcare Penetration Testing

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Krebs on Security

MARCH 22, 2022

When I first began writing about Vrublevsky in 2009 as a reporter for The Washington Post , ChronoPay and its sister firm Red & Partners (RNP) were earning millions setting up payment infrastructure for fake antivirus peddlers and spammers pimping male enhancement drugs. The latest document in the hacked archive is dated April 2021.

Banking

Banking Marketing DDOS Risk

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. gooobb ” file.

Cryptocurrency

Cryptocurrency Internet Internet Malware

Dutch police arrested the author of Dryad and Rubella Macro Builders

Security Affairs

JULY 19, 2019

” Both macro builders allow crooks to easily create malicious Office documents that are usually involved in hacking campaigns as a first-stage loader for other malware. The Rubella Macro Builder is cheap, fast and easy to use, the malware it generated can evade antivirus detection. Pierluigi Paganini.

Malware

Malware Social Engineering Advertising Antivirus

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. Another technique used by cybercriminals to bypass antivirus systems is a targeted attack, in which malicious email are delivered outside regular working hours. More than 80% of all malicious files were disguised as .zip

Ransomware

Ransomware Antivirus Malware Banking

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

The malicious code is used by the hackers to deliver a Moner (XMR) crypto miner that is not detected by almost any antivirus solution. “It is expected that the group will continue to exploit more vulnerabilities to mine additional cryptocurrencies in the near future.” Pierluigi Paganini.

Cybercrime

Cybercrime DNS Malware Advertising

French Police remotely disinfected 850,000 PCs from RETADUP bot

Security Affairs

AUGUST 28, 2019

In recent campaigns, the Retadup worm was observed delivering Monero cryptocurrency miners in Latin America. Earlier this year, malware researchers from Avast antivirus firm discovered a design flaw in the C&C protocol of the botnet that could have been exploited to remove the malware from infected computers. Pierluigi Paganini.

Malware

Malware Advertising Antivirus Cryptocurrency

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

The latest version appears more sophisticated than previous ones, it implements the ability to steal histories from browsers (except IE and Edge), it includes a conditional loader that checks certain parameters before running the malicious code, and includes the support for Exodus, Jaxx, Mist, Ethereum, Electrum, Electrum-LTC cryptocurrency wallets.

Spyware

Spyware Cryptocurrency Passwords Malware

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Or they can simply use these printers to mine cryptocurrency, ramping up their victims’ electricity bills in the process. SecurityAffairs – hacking, printers).

Hacking

Hacking IoT Firmware Internet

LimeRAT spreads in the wild

Security Affairs

APRIL 9, 2019

The installed payload actually is a Base64 encoded PE32 file, file-lessly stored within the registry hive to avoid antivirus detection. Stealer and CryptoStealer module to steal cryptocurrency wallets and saved passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The Payload. C2 retrieval.

Malware

Malware Advertising DNS Antivirus

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

Rescator, advertising a new batch of cards stolen in a 2014 breach at P.F. Finally, there is some honor among thieves, and in the marketplace for stolen payment card data it is considered poor form to advertise a batch of cards as “yours” if you are merely reselling cards sold to you by a third-party card vendor or thief.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

45 Main Cyber Security Terms Everyone Must Know

Spinone

NOVEMBER 1, 2019

Security Antivirus – software that scans a device or a network to detect security threats, alert you, and neutralize malicious code. The goals can be different – to sell this information to those who may benefit from it, like the advertisers, competitors, data companies; to obtain the banking information and passwords, and so on.

Passwords

Passwords Social Engineering Malware Encryption

Report: how cybercriminals abuse API keys to steal millions

Security Affairs

MAY 21, 2021

CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. CyberNews researchers found that cybercriminals are able to abuse cryptocurrency exchange API keys and steal cryptocurrencies from their victims’ accounts without being granted withdrawal rights.

Cryptocurrency

Cryptocurrency Accountability Marketing Passwords

Mystic Stealer

Security Boulevard

JUNE 15, 2023

Oftentimes this is credential data, but it can be any data that may have financial value to an adversary; this includes paid online service accounts, cryptocurrency wallets, instant messenger, or email contacts lists, etc. Key Mystic Stealer functions include its ability to extract data from web browsers and cryptocurrency wallets.

Cryptocurrency

Cryptocurrency Password Management Malware DNS

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. in threads asking for urgent help obtaining access to hacked businesses in South Korea.

Ransomware

Ransomware Accountability Cybercrime Passwords

Overview of Google Play threats sold on the dark web

SecureList

APRIL 10, 2023

It is especially important to analyze how this threat originates, because many cybercriminals work in teams, buying and selling Google Play accounts, malware, advertising services, and more. Malware and unwanted software is frequently injected into cryptocurrency trackers, financial apps, QR-code scanners and even dating apps.

Malware

Malware Encryption Mobile Accountability

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

Another successful strategy for preventing phishing is to secure your device using anti-malware, antivirus, VPN and other security softwares. This way even if your password is hacked or stolen through phishing still your account cannot be easily accessed. She is a small business owner, traveler and investor of cryptocurrencies.

Phishing

Phishing Accountability Authentication Passwords

IT threat evolution Q3 2022

SecureList

NOVEMBER 18, 2022

All of them were ordinary people using our free antivirus solution, seemingly unconnected with any organization of interest to a sophisticated attacker of this kind. VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies.

Malware

Malware Computers and Electronics Adware Cryptocurrency

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Companies and Government Agencies ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices Israel Tried to Keep Sensitive Spy Tech Under Wraps.

Cybercrime

Cybercrime Spyware Data breaches Antivirus

Dark web threats and dark market predictions for 2024

SecureList

JANUARY 17, 2024

Notable among these was BunnyLoader , inexpensive and feature-rich malware capable of stealing sensitive data and cryptocurrency. Threat actors with a reputation refrained from claiming hacks or posting fakes. In 2022, these blogs, found on both public platforms and the dark web, averaged 386 posts per month.

Marketing

Marketing Cryptocurrency Malware Ransomware

Cyber Security Informer

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Webinars

Trending Sources

Crooks made more than $560K with a simple clipboard hijacker

Webinars

Lazarus APT continues to target cryptocurrency businesses with Mac malware

Cryptocurrency Attacks to be Aware of in 2021

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

New KryptoCibule Windows Trojan spreads via malicious torrents

QwixxRAT, a new Windows RAT appears in the threat landscape

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs newsletter Round 261

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

Romanian duo convicted of fraud Scheme infecting 400,000 computers

New Android BlackRock malware targets hundreds of apps

Top 10 Malware Strains of 2021

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Dutch police arrested the author of Dryad and Rubella Macro Builders

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Chinese-speaking cybercrime gang Rocke changes tactics

French Police remotely disinfected 850,000 PCs from RETADUP bot

A new sophisticated version of the AZORult Spyware appeared in the wild

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

LimeRAT spreads in the wild

Ten Years Later, New Clues in the Target Breach

45 Main Cyber Security Terms Everyone Must Know

Report: how cybercriminals abuse API keys to steal millions

Mystic Stealer

Who’s Behind the GandCrab Ransomware?

Overview of Google Play threats sold on the dark web

5 Common Phishing Attacks and How to Avoid Them?

IT threat evolution Q3 2022

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Dark web threats and dark market predictions for 2024

Stay Connected