eSecurity Planet

JANUARY 26, 2023

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware.

Malware 107

Malware Ransomware Software Cryptocurrency 107

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. Experts observed the ransomware also installing the dreaded Azorult password-stealing Trojan on victim’s machine to steal account credentials, cryptocurrency wallets, documents and more.

Encryption 84

Encryption Ransomware Cryptocurrency Passwords 84

Malwarebytes

APRIL 18, 2023

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members.

Malware 83

Malware Banking Ransomware Passwords 83

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 87

Malware Banking Healthcare Penetration Testing 87

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums.

Cybercrime 92

Cybercrime Malware Cryptocurrency Advertising 92

CyberSecurity Insiders

APRIL 30, 2021

Nitro Ransomware, a new variant of file encrypting malware is shaking up the internet by demanding Discord Nitro Gift Cards from victims instead of cryptocurrency. Note- All these days we have seen hackers stealing data and then encrypting the database to involve in double extortion schemes later.

Ransomware 142

Ransomware Encryption Cryptocurrency Internet 142

Security Affairs

NOVEMBER 26, 2019

Microsoft revealed that the new Dexphot cryptocurrency miner has already infected more than 80,000 computers worldwide. Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malware also uses scheduled tasks to achieve persistence.

Cryptocurrency 121

Cryptocurrency Malware Encryption Advertising 121

Security Affairs

MARCH 23, 2023

Nexus is available via a Malware-as-a-Service (MaaS) subscription and is advertised on underground forums or through private channels (e.g., However, Cleafy’s Threat Intelligence & Response Team reported having detected the first Nexus infections in June 2022, months before the MaaS was publicly advertised.

Banking 78

Banking Cryptocurrency Malware Advertising 78

SecureList

OCTOBER 24, 2023

Introduction As a cybersecurity company, Kaspersky is constantly dealing with known and brand-new malware samples. A good example of this is GoPIX, a malware campaign that has been active since December 2022. If they click such a link, a redirection follows, with the user ending up on the malware landing page.

Ransomware 92

Ransomware Malware Advertising Passwords 92

Security Affairs

AUGUST 27, 2019

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could be used by attackers to remotely hack Android devices and steal targets’ data.

Malware 97

Malware Advertising Mobile Hacking 97

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. After the application ran, it could follow one of several scenarios, depending on its creator’s greed and the advertising module’s capabilities. apk and coviddetect.apk.

Mobile 132

Mobile Malware Adware Banking 132

Security Affairs

JULY 8, 2020

Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. macOS ransomware #decryptor ( #EvilQuest )! |

Ransomware 106

Ransomware Encryption Malware InfoSec 106

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. The filename of the encrypted files will be changed to the attacker’s email address (i.e.

Ransomware 100

Ransomware Cryptocurrency Advertising Passwords 100

Security Affairs

JULY 29, 2018

New Underminer exploit kit delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. “Underminer delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency-mining malware named Hidden Mellifera.” ” concludes Trend Micro.

Cryptocurrency 45

Cryptocurrency Advertising Malware Encryption 45

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency 59

Cryptocurrency Risk Marketing Architecture 59

Security Affairs

FEBRUARY 20, 2023

discovered a new information stealer, dubbed Stealc, which was advertised in the dark web forums. The malware was developed by a threat actor that uses the moniker Plymouth who claims the info-stealer supports a wide set of stealing capabilities. stealc was written in pure C using WinAPI C written malware uses WinAPI functions.

Malware 83

Malware Cryptocurrency Advertising Data collection 83

Security Affairs

APRIL 30, 2020

Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe.

Mobile 108

Mobile Financial Services Banking Malware 108

Security Affairs

NOVEMBER 4, 2019

Security experts warn of a new piece of malware dubbed QSnatch that already infected thousands of QNAP NAS devices worldwide. A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. At the time of writing, it is still unclear how threat actor will use the malware (i.e.

Malware 62

Malware Firmware Advertising Encryption 62

Security Affairs

AUGUST 15, 2020

A new Mac malware, tracked as XCSSET, spreads through Xcode projects and exploits two zero-day vulnerabilities, experts warn. XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks.

Spyware 124

Spyware Malware Advertising Cryptocurrency 124

Security Affairs

OCTOBER 23, 2018

A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies. A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies, and implements new features. ” continues CheckPoint.

Marketing 78

Marketing Cybercrime Cryptocurrency Advertising 78

Security Affairs

MARCH 31, 2019

Malware Static Analysis. Anubis II – malware and afterlife. Free Tools: spotting APTs through Malware streams. How to get back files encrypted by the Hacked Ransomware for free. Android Trojan Gustuff capable of targeting more than 100 global banking apps, cryptocurrency and marketplace applications.

Cryptocurrency 71

Cryptocurrency Banking Malware Data breaches 71

Security Affairs

APRIL 5, 2019

A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB , an offspring of the original Gozi which source code was leaked in 2014. Ursnif/Gozi is active from over a decade and was one of the most active malware listed in 2017 and 2018.

Banking 84

Banking Malware Cryptocurrency Advertising 84

Security Affairs

DECEMBER 1, 2019

After 1 Million of malware samples analyzed. Some Fortinet products used hardcoded keys and weak encryption for communications. Upbit cryptocurrency exchange hacked, crooks stole $48.5 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Twitter allows users to use 2FA without a phone number.

Advertising 95

Advertising Ransomware Cryptocurrency Government 95

SecureList

DECEMBER 1, 2023

To exfiltrate data and deliver next-stage malware, the attackers abuse cloud-based data storage, such as Dropbox or Yandex Disk, as well as a temporary file sharing service. libssl.dll or libcurl.dll was statically linked to implants to implement encrypted C2 communications. org domain did not occur in all cases.

Malware 91

Malware Ransomware Encryption Energy and Utilities 91

Security Affairs

JUNE 13, 2021

It is interesting to tone that the phishing attacks against cryptocurrency targets broke 2 per for the first time, a circumstance that demonstrates the growing interest of cybercrime in targeting users attracted by the raise of the value of cryptocurrencies like Bitcoin. said LaCour, According to John LaCour, in Q1 2021, 94.5%

Phishing 104

Phishing Advertising Cryptocurrency Encryption 104

Malwarebytes

JANUARY 19, 2022

VPNLab.net was a virtual private network provider that mostly advertised its services on the criminal side of the Dark Web, and provided services for various cybercriminals, including ransomware gangs. We set a special encrypted channel between your computer and our foreign servers. Upon reaching the server it is encrypted again.

VPN 70

VPN Encryption Cybercrime Technology 70

SC Magazine

JUNE 25, 2021

Malicious hackers are increasingly mobbing the video game industry, with major companies suffering data breaches, having their source code sold or leaked online and games serving as playgrounds to push malware or mine cryptocurrencies.

Computers and Electronics 121

Computers and Electronics Media Marketing Cryptocurrency 121

Security Affairs

JULY 25, 2019

Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. gooobb ” file.

Cryptocurrency 71

Cryptocurrency Internet Internet Malware 71

Security Affairs

MARCH 8, 2020

US officials charge two Chinese men for laundering cryptocurrency for North Korea. Lets Encrypt CA is revoking over 3 Million TLS certificates due to a bug. Malware campaign employs fake security certificate updates. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches 71

Data breaches Mobile Advertising Ransomware 71

Security Affairs

SEPTEMBER 8, 2019

” reads an analysis of the malware published by researcher Aleksejs Kuprins. The malicious code implements notably evasion technique to bypass Google Play’s checks, the expert explained that the malware was hiding malicious code within the advertisement frameworks. continues the expert. ” states the analysis.

Spyware 94

Spyware Advertising Malware Cryptocurrency 94

Malwarebytes

JUNE 17, 2021

This popularity among users also makes it a popular target for advertisers and malicious actors. HTTPS Everywhere ensures that you always connect to sites using secure HTTPS encryption instead of HTTP. uBlock will block advertisements, including video ads, as well as trackers. you may ask. Malwarebytes Browser Guard.

Advertising 116

Advertising Antivirus Passwords Password Management 116

Security Affairs

OCTOBER 28, 2018

Earlier this year Sysdig and Aqua Security researchers started observing cyber attacks targeting Kubernets and Docker instances aimed at mining Monero cryptocurrency. Miscreants can abuse Docker Engine API to deploy containers they have created with the specific intent of mining cryptocurrencies. Docker Trusted Registry ).

Engineering 84

Engineering Cryptocurrency System Administration Advertising 84

Malwarebytes

NOVEMBER 11, 2021

Cybercrime in this report includes the creation and spread of malware, hacking to steal sensitive personal or industry data, denial of service attacks to cause financial and/or reputational damage, and other criminal activities. Cryptocurrencies remain an important means of payment for criminal services and products. Cybercrime.

Cybercrime 96

Cybercrime Encryption Cryptocurrency Advertising 96

Security Affairs

APRIL 24, 2020

The crew has published images of the data they claim to have stolen before encrypting the systems at the company. Recently the crew behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies. – The company is traded on NASDAQ.

Software 103

Software Ransomware VPN Advertising 103

Security Affairs

MAY 10, 2020

Researchers at security firm Red Canary uncovered a Monero cryptocurrency-mining campaign, tracked as Blue Mockingbird, that exploits the CVE-2019-18935 vulnerability in web applications built on the ASP.NET framework. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cryptocurrency 88

Cryptocurrency Advertising Accountability Encryption 88

Security Affairs

AUGUST 22, 2019

Data that travels over a public hotspot network is rarely encrypted. Attackers can also redirect users to making a so called ‘important’ download or update, which actually is a Trojan horse for malware that is planted on your device. She is a small business owner, traveler and investor of cryptocurrencies. Pierluigi Paganini.

VPN 85

VPN Encryption Passwords Small Business 85

Malwarebytes

APRIL 11, 2023

In a recent tweet , the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or computer.

Mobile 98

Mobile Banking Malware Spyware 98