Advertising, Cryptocurrency, Information Security and Malware

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising

Advertising Cybercrime Malware Cryptocurrency

Crooks impersonate brands using search engine advertisement services

Security Affairs

DECEMBER 26, 2022

The FBI warns of cybercriminals using search engine advertisement services to impersonate brands and defraud users. The FBI is warning of cyber criminals using search engine advertisement services to impersonate brands and direct users to websites that were used to defraud users. ” reads the advisory published by the FBI.

Advertising

Advertising Engineering Education Internet

New Bandit Stealer targets web browsers and cryptocurrency wallets

Security Affairs

MAY 28, 2023

Bandit Stealer is a new stealthy information stealer malware that targets numerous web browsers and cryptocurrency wallets. Trend Micro researchers discovered a new info-stealing malware, dubbed Bandit Stealer, which is written in the Go language and targets multiple browsers and cryptocurrency wallets.

Cryptocurrency

Cryptocurrency Malware Advertising Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. WeSteal is a Python-based malware that uses regular expressions to search for strings related to wallet addresses that victims have copied to their clipboard. There is the name of the malware itself.

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

U.S. and Australian police arrested Firebird RAT author and operator

Security Affairs

APRIL 14, 2024

The RAT allowed customers to access and control their victims’ computers remotely, its author advertised its stealing capabilities. He is accused of advertising and selling the Hive remote access trojan (RAT) on the “Hack Forums” website. ” reported the DoJ. ” reported the DoJ. ” continues DoJ.

Computers and Electronics

Computers and Electronics Advertising Cryptocurrency Malware

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Security Affairs

SEPTEMBER 10, 2020

Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 SecurityAffairs – hacking, cryptocurrency).

Cryptocurrency

Cryptocurrency Data breaches Advertising Hacking

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

NOVEMBER 22, 2022

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Hackers stole more than $150 million from KuCoin cryptocurrency exchange

Security Affairs

SEPTEMBER 26, 2020

Singapore-based cryptocurrency exchange KuCoin disclosed a security breach, hackers stole $150 million from its hot wallets. Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident, the hackers breached its hot wallets and stole all the funds, around $150 million. It seems #Kucoin got hacked.

Cryptocurrency

Cryptocurrency Hacking Advertising Internet

Statc Stealer, a new sophisticated info-stealing malware

Security Affairs

AUGUST 10, 2023

Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, cookies, web data, and preferences. ” concludes the report.

Malware

Malware Encryption Advertising Cryptocurrency

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware

Malware Cryptocurrency Advertising Accountability

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Security Affairs

JUNE 5, 2019

A new piece of malware appeared in the threat landscape, dubbed BlackSquid it targets web servers with several exploits to deliver cryptocurrency miners. Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives.

Cryptocurrency

Cryptocurrency Malware Advertising Hacking

North Korea-linked Lazarus continues to target job seekers with macOS malware

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The second-stage malware extracts and executes the third-stage binary.

Malware

Malware Cryptocurrency Architecture Advertising

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

New ElectroRAT employed in a wide-ranging operation targeting cryptocurrency users

Security Affairs

JANUARY 5, 2021

Researchers uncovered a large scale operation targeting cryptocurrency users with a previously undetected multiplatform RAT named ElectroRAT. Security researchers from Intezer uncovered a large scale operation targeting cryptocurrency users with a previously undetected RAT named ElectroRAT. ” continues the variant.

Cryptocurrency

Cryptocurrency Media Advertising Marketing

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. ” . ” states the DoJ.

Malware

Malware Banking Cryptocurrency Cybercrime

Crooks use weaponized coronavirus map to deliver malware

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware

Malware Advertising Passwords Cryptocurrency

USCYBERCOM shares five new North Korea-linked malware samples

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.

Malware

Malware Advertising Government Cryptocurrency

Crooks made more than $560K with a simple clipboard hijacker

Security Affairs

APRIL 19, 2021

Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018.

Cryptocurrency

Cryptocurrency Malware Hacking Banking

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Masad Stealer Malware exfiltrates data via Telegram

Security Affairs

SEPTEMBER 29, 2019

Experts at Juniper Threat Labs have discovered a new piece of malware dubbed Masad Stealer that exfiltrate s cryptocurrency wallet files via Telegram. Security researchers at the Juniper Threat Labs discovered a strain of malware dubbed Masad Stealer that is actively distributed.

Malware

Malware Cryptocurrency Advertising Marketing

Google removed 49 Chrome Extensions that were hijacking cryptocurrency wallets

Security Affairs

APRIL 15, 2020

Google has removed 49 new Chrome browser extensions from its official Web Store that hide the code to hijack cryptocurrency wallets. Google has removed 49 new Chrome browser extensions from its official Web Store that contain the code to steal sensitive information and hijack cryptocurrency wallets. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Advertising Phishing Passwords

Experts warn of JinxLoader loader used to spread Formbook and XLoader

Security Affairs

JANUARY 2, 2024

JinxLoader is a new Go-based loader that was spotted delivering next-stage malware such as Formbook and XLoader. Researchers from Palo Alto Networks and Symantec warned of a new Go-based malware loader called JinxLoader, which is being used to deliver next-stage payloads such as Formbook and XLoader. net on 2023-04-30.

Malware

Malware Passwords Cryptocurrency Hacking

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Security Affairs

SEPTEMBER 16, 2022

Threat actors target gamers looking for cheats on YouTube with the RedLine Stealer information-stealing malware and crypto miners. The malicious code can also act as first-stage malware. “The videos advertise cheats and cracks and provide instructions on hacking popular games and software.” Pierluigi Paganini.

Malware

Malware Cryptocurrency Hacking Passwords

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. According to Martin, other cryptocurrency organizations were hit by similar attacks. CVE-2019-11707 is a type confusion vulnerability in Array.pop.

Cryptocurrency

Cryptocurrency Malware Advertising Passwords

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

Erbium info-stealing malware, a new option in the threat landscape

Security Affairs

SEPTEMBER 27, 2022

Threat actors behind the new ‘Erbium’ information-stealing malware are distributing it as fake cracks and cheats for popular video games to steal victims’ credentials and cryptocurrency wallets. The Malware-as-a-Service (MaaS) was advertised on a Dark Web forum by a Russian-speaking threat actor.

Malware

Malware Password Management Authentication Passwords

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware

Malware Cryptocurrency Passwords Internet

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. Security experts from ThreatFabric have discovered a new Android banking trojan dubbed BlackRock that steals credentials and credit card data from a list of 337 apps.

Malware

Malware Banking Mobile Spyware

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Dragos researchers uncovered a small-scale campaign targeting industrial engineers and operators with Sality malware. During a routine vulnerability assessment, Dragos researchers discovered a campaign targeting industrial engineers and operators with Sality malware. “Dragos only tested the DirectLogic-targeting malware.

Passwords

Passwords Software Firmware Malware

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

JULY 29, 2020

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers. ” The botnet is scanning the Internet for misconfigured Docker API endpoints, Experts noticed that the Ngrok malware has already infected many vulnerable servers.

Cryptocurrency

Cryptocurrency Malware Advertising VPN

Kaspersky found malware in popular CamScanner app. Remove it now from your phone!

Security Affairs

AUGUST 27, 2019

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could be used by attackers to remotely hack Android devices and steal targets’ data.

Malware

Malware Advertising Mobile Hacking

Alien Android banking Trojan, the powerful successor of the Cerberus malware

Security Affairs

SEPTEMBER 24, 2020

Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Alien first appeared in the threat landscape early this year, its model of sale is Malware-as-a-Service (MaaS) and is advertised on several underground hacking forums.

Banking

Banking Malware Advertising Architecture

Nexus, an emerging Android banking Trojan targets 450 financial apps

Security Affairs

MARCH 23, 2023

Nexus is available via a Malware-as-a-Service (MaaS) subscription and is advertised on underground forums or through private channels (e.g., However, Cleafy’s Threat Intelligence & Response Team reported having detected the first Nexus infections in June 2022, months before the MaaS was publicly advertised.

Banking

Banking Cryptocurrency Malware Advertising

Cryptocurrency miners infected more than 50% of the European airport workstations

Security Affairs

OCTOBER 17, 2019

European airport systems were infected with a Monero cryptocurrency miner that was linked to the Anti-CoinMiner campaign discovered this summer by Zscaler researchers. . “The malware we found was first discovered by Zscaler more than a year ago,” continues Cyberbit. ” reads the analysis published by Cyberbit.

Cryptocurrency

Cryptocurrency Antivirus Advertising Malware

Microsoft warns of Dexphot miner, an interesting polymorphic threat

Security Affairs

NOVEMBER 26, 2019

Microsoft revealed that the new Dexphot cryptocurrency miner has already infected more than 80,000 computers worldwide. Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malware also uses scheduled tasks to achieve persistence.

Cryptocurrency

Cryptocurrency Malware Encryption Advertising

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” 35) on port 6666.

DDOS

DDOS Digital transformation Malware Advertising

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 25, 2024

Apple created post-quantum cryptographic protocol PQ3 for iMessage Russian hacker is set to face trial for the hack of a local power grid Microsoft released red teaming tool PyRIT for Generative AI CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week FTC charged Avast with selling users’ browsing data to advertising companies (..)

Spyware

Spyware Cyber Insurance Hacking Advertising

QwixxRAT, a new Windows RAT appears in the threat landscape

Security Affairs

AUGUST 15, 2023

The Uptycs Threat Research team discovered the QwixxRAT (aka Telegram RAT) in early August 2023 while it was advertised through Telegram and Discord platforms. ” reads a new report published by security firm Uptycs. The malware supports 19 functions, each serving a unique purpose.

Malware

Malware Antivirus Cryptocurrency Advertising

Security Affairs newsletter Round 400 by Pierluigi Paganini

Security Affairs

JANUARY 1, 2023

Personal health information of 42M Americans leaked between 2016 and 2021 Malvertising campaign MasquerAds abuses Google Ads New Linux malware targets WordPress sites by exploiting 30 bugs NETGEAR fixes a severe bug in its routers. If you want to also receive for free the newsletter with the international press subscribe here.

Cyber Attacks

Cyber Attacks Advertising Cryptocurrency Hacking

FBI and Ukrainian police seized 9 crypto exchanges used by cybercriminals

Security Affairs

MAY 2, 2023

. “Web resources offered users anonymous exchange of cryptocurrencies. “Through exchanges, attackers channeled assets obtained as a result of malware attacks (cryptoviruses) and online fraud. . “Through exchanges, attackers channeled assets obtained as a result of malware attacks (cryptoviruses) and online fraud.

Cybercrime

Cybercrime Cryptocurrency Advertising Education

REvil Ransomware member win the auction for KPot stealer source code

Security Affairs

NOVEMBER 4, 2020

KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. The KPOT Stealer was written in C/C++, it was offered in the cybercrime underground as a Malware-as-a-Service (MaaS).

Ransomware

Ransomware Malware Advertising Cybercrime

New SOVA Android Banking trojan is rapidly growing

Security Affairs

SEPTEMBER 11, 2021

SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. The malware allows attacker to gather sensitive data from infected devices, including banking credentials and PII. two related to first iteration of the malware, and the last one being the newer release. .”

Banking

Banking DDOS Cryptocurrency Mobile

Stealc, a new advanced infostealer appears in the threat landscape

Security Affairs

FEBRUARY 20, 2023

Researchers spotted a new information stealer, called Stealc, which supports a wide set of stealing capabilities. discovered a new information stealer, dubbed Stealc, which was advertised in the dark web forums. stealc was written in pure C using WinAPI C written malware uses WinAPI functions.

Malware

Malware Cryptocurrency Advertising Data collection

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Crooks impersonate brands using search engine advertisement services

Webinars

Trending Sources

New Bandit Stealer targets web browsers and cryptocurrency wallets

Webinars

WeSteal, a shameless commodity cryptocurrency stealer available for sale

U.S. and Australian police arrested Firebird RAT author and operator

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Hackers stole more than $150 million from KuCoin cryptocurrency exchange

Statc Stealer, a new sophisticated info-stealing malware

New MrbMiner malware infected thousands of MSSQL DBs

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

North Korea-linked Lazarus continues to target job seekers with macOS malware

US officials charge two Chinese men for laundering cryptocurrency for North Korea

New ElectroRAT employed in a wide-ranging operation targeting cryptocurrency users

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Crooks use weaponized coronavirus map to deliver malware

USCYBERCOM shares five new North Korea-linked malware samples

Crooks made more than $560K with a simple clipboard hijacker

Raccoon Malware, a success case in the cybercrime ecosystem

Masad Stealer Malware exfiltrates data via Telegram

Google removed 49 Chrome Extensions that were hijacking cryptocurrency wallets

Experts warn of JinxLoader loader used to spread Formbook and XLoader

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Interview With a Crypto Scam Investment Spammer

Erbium info-stealing malware, a new option in the threat landscape

New strain of Clipsa malware launches brute-force attacks on WordPress sites

New Android BlackRock malware targets hundreds of apps

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Doki, an undetectable Linux backdoor targets Docker Servers

Kaspersky found malware in popular CamScanner app. Remove it now from your phone!

Alien Android banking Trojan, the powerful successor of the Cerberus malware

Nexus, an emerging Android banking Trojan targets 450 financial apps

Cryptocurrency miners infected more than 50% of the European airport workstations

Microsoft warns of Dexphot miner, an interesting polymorphic threat

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

QwixxRAT, a new Windows RAT appears in the threat landscape

Security Affairs newsletter Round 400 by Pierluigi Paganini

FBI and Ukrainian police seized 9 crypto exchanges used by cybercriminals

REvil Ransomware member win the auction for KPot stealer source code

New SOVA Android Banking trojan is rapidly growing

Stealc, a new advanced infostealer appears in the threat landscape

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Stay Connected