Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums.

Cybercrime 90

Cybercrime Malware Cryptocurrency Advertising 90

eSecurity Planet

JANUARY 26, 2023

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware.

Malware 107

Malware Ransomware Software Cryptocurrency 107

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware 87

Malware Cryptocurrency Passwords Internet 87

CyberSecurity Insiders

APRIL 30, 2021

Nitro Ransomware, a new variant of file encrypting malware is shaking up the internet by demanding Discord Nitro Gift Cards from victims instead of cryptocurrency. In this malware attack, hackers indulge in data stealing and encryption as usual. The platform allows users to purchase a premium subscription for $9.99

Ransomware 142

Ransomware Encryption Cryptocurrency Internet 142

Security Affairs

MAY 4, 2020

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. The attackers compromised the blogging platform to deploy a cryptocurrency miner, the intrusion took place on May 3, 2020. Pierluigi Paganini.

Internet 112

Internet Internet Hacking Advertising 112

Security Affairs

JULY 29, 2020

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers. ” The botnet is scanning the Internet for misconfigured Docker API endpoints, Experts noticed that the Ngrok malware has already infected many vulnerable servers.

Cryptocurrency 137

Cryptocurrency Malware Advertising VPN 137

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. After the application ran, it could follow one of several scenarios, depending on its creator’s greed and the advertising module’s capabilities. apk and coviddetect.apk.

Mobile 132

Mobile Malware Adware Banking 132

Security Affairs

DECEMBER 7, 2021

The botnet was involved in stealing users’ credentials and data, mining cryptocurrencies abusing victims’ resources, and setting up proxies to funnel other people’s internet traffic through infected machines and routers. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes.

Backups 111

Backups Advertising Accountability Malware 111

Security Affairs

MAY 8, 2019

Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. According to the SANS Institute’s Internet Storm Center, attackers are exploiting the CVE-2018-1000861 vulnerability in the Stapler HTTP request handling engine used by Jenkins servers.

Malware 87

Malware Cryptocurrency Advertising Internet 87

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” 35) on port 6666.

DDOS 84

DDOS Digital transformation Malware Advertising 84

Malwarebytes

DECEMBER 1, 2021

The particular malicious apps the ThreatFabric researchers found were disguised to look like apps that an Android user might normally search for, such as QR scanners, PDF scanners, cryptocurrency wallets, and fitness monitors. ” In four months, four Android malware families have spread across the Google Play Store.

Malware 116

Malware Banking Authentication Cryptocurrency 116

Security Affairs

JULY 29, 2018

New Underminer exploit kit delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. “Underminer delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency-mining malware named Hidden Mellifera.” ” concludes Trend Micro.

Cryptocurrency 45

Cryptocurrency Advertising Malware Encryption 45

Security Affairs

APRIL 1, 2020

Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients).

Cryptocurrency 101

Cryptocurrency Malware Advertising Hacking 101

Security Affairs

OCTOBER 7, 2020

Experts noticed that the malware supports multiple CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III) and PPC, it is written in the Go open-source programming language. Upon gaining access to the device, the bot downloads one of seven binaries that install the HEH malware. ” concludes the post.

Architecture 120

Architecture IoT Malware Advertising 120

Security Affairs

AUGUST 30, 2020

The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns conducted by North Korea-linked APT groups against two cryptocurrency exchanges. In the second attack, threat actors stole $2.5

Cryptocurrency 116

Cryptocurrency Hacking Advertising Accountability 116

Krebs on Security

MAY 4, 2023

As noted in the Secret Service’s criminal complaint (PDF), the Try2Check service was first advertised on the closely-guarded Russian cybercrime forum Mazafaka , by someone using the handle “ KreenJo.” investigators that they had access to a wealth of personal information tied to a cryptocurrency exchange Kulkov had used.

Marketing 235

Marketing Cybercrime Accountability Cryptocurrency 235

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? ” reads the report p ublished by TrapX.”First,

Manufacturing 123

Manufacturing IoT Malware Cryptocurrency 123

Security Affairs

SEPTEMBER 9, 2018

The security firm detected over 19,400 samples belonging to roughly 2,800 malware families, most of which were not threats specifically designed to this category of devices. Most of the malware was the result of random attacks rather than targeted operations conducted by nation-state actors. percent), Algeria (71.6 Pierluigi Paganini.

Internet 52

Internet Internet Advertising Malware 52

The Last Watchdog

MAY 8, 2019

Instructive details about both of these malicious campaigns come from malware analysts working on apklab.io , which officially launched in February. Much of this activity is monetized, one way or another, through a billion dollar ecosystem of click fraud, essentially fooling advertisers into paying for clicks that do little or nothing.

Adware 176

Adware Spyware Mobile Banking 176

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

IoT 102

IoT Banking Advertising Ransomware 102

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT 88

IoT Cryptocurrency Malware System Administration 88

Security Affairs

MARCH 31, 2019

Malware Static Analysis. Anubis II – malware and afterlife. Free Tools: spotting APTs through Malware streams. Android Trojan Gustuff capable of targeting more than 100 global banking apps, cryptocurrency and marketplace applications. Gustuff Android banking trojan targets 125+ banking, and 32 cryptocurrency apps.

Cryptocurrency 70

Cryptocurrency Banking Malware Data breaches 70

Security Affairs

MAY 17, 2020

Organizations managing supercomputers across Europe reported their systems have been compromised to deploy cryptocurrency miners. Crooks have compromised supercomputers across Europe to deploy cryptocurrency miners, incidents have been already reported in the UK, Germany, and Switzerland. ” reported ZDNet. Pierluigi Paganini.

Hacking 96

Hacking Cryptocurrency Advertising Malware 96

Security Affairs

JULY 25, 2019

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. In May, Internet scans found nearly one million systems vu lnerable to the BlueKeep flaw. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency 70

Cryptocurrency Internet Internet Malware 70

Security Affairs

DECEMBER 1, 2019

Iran – Government blocks Internet access in response to the protests. After 1 Million of malware samples analyzed. Upbit cryptocurrency exchange hacked, crooks stole $48.5 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising 94

Advertising Ransomware Cryptocurrency Government 94

Security Affairs

SEPTEMBER 20, 2018

Sustes Malware doesn’t infect victims by itself, but it is spread via brute-force activities with special focus on IoT and Linux servers. Everybody knows Monero cryptocurrency and probably everybody knows that it has built upon privacy, by meaning It’s not that simple to figure out Monero wallet balance. XMRIG prove 1.

Malware 91

Malware Computers and Electronics Penetration Testing Cryptocurrency 91

Security Affairs

JULY 24, 2018

It listens on port 5555, and enables anybody to connect over the internet to a device. Since it appears to be killing Monero mining processes, the compromised devices could be retasked to mine cryptocurrency for a different group. Perform a factory reset to erase the malware if you feel you are infected. Pierluigi Paganini.

Cryptocurrency 45

Cryptocurrency IoT Mobile Advertising 45

Security Affairs

JANUARY 9, 2020

An operation coordinated by Interpol, dubbed Goldfish Alpha, dismantled an illegal cryptocurrency network operating in Southeast Asia. Interpol announced that it has coordinated a successful international operation aimed at removing cryptocurrency miners that infected routers located in Southeast Asia. ” reported Trend Micro. .

Cryptocurrency 63

Cryptocurrency Cybercrime Internet Internet 63

Security Affairs

AUGUST 18, 2020

The TeamTNT botnet is a crypto-mining malware operation that has been active since April and that targets Docker installs. The worm also steals local credentials, and scans the internet for misconfigured Docker platforms.” The malware then copies and uploads both files to the command-and-control server (sayhi.bplace[.]net).

Firewall 105

Firewall Advertising Malware Cryptocurrency 105

Identity IQ

APRIL 6, 2022

Here are some outlined by the FBI as particularly prevalent right now: Utility or cable/internet scam. In this scenario, a scammer posing as someone from a utility company or internet provider sends a notification that your bill is past due and that these services can be shut off if this is not remedied. Travel industry scams.

Scams 129

Scams Identity Theft Accountability Banking 129

Digital Shadows

FEBRUARY 2, 2023

Whether you’re a crypto-skeptic or a crypto-maximalist, it cannot be denied that the mostly unregulated cryptocurrency ecosystem is no stranger to fraud. It has links to multiple types of cyber crime, including ransomware, carding, phishing, and malware development.

Scams 40

Scams Cryptocurrency Marketing Advertising 40

Security Affairs

AUGUST 5, 2022

Dark Utilities is advertised as a platform to enable remote access, command execution, conduct distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations on infected systems. “This will likely result in an increase in the volume of malware samples in the wild attempting to establish C2 using the platform.”

Architecture 89

Architecture DDOS Internet Internet 89

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. SecurityAffairs – WatchBog, malware).

Architecture 81

Architecture Cryptocurrency Malware Advertising 81

SC Magazine

JUNE 25, 2021

Malicious hackers are increasingly mobbing the video game industry, with major companies suffering data breaches, having their source code sold or leaked online and games serving as playgrounds to push malware or mine cryptocurrencies.

Computers and Electronics 121

Computers and Electronics Media Marketing Cryptocurrency 121

Security Affairs

AUGUST 3, 2018

Experts uncovered a massive cryptojacking campaign that is targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. The campaign can potentially compromise over a million of MikroTik routers exposed on the Internet. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Cryptocurrency 68

Cryptocurrency Internet Internet Advertising 68

Security Affairs

MARCH 8, 2020

Venezuela – Power outage knocked out part of the internet connectivity. US officials charge two Chinese men for laundering cryptocurrency for North Korea. Malware campaign employs fake security certificate updates. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches 70

Data breaches Mobile Advertising Ransomware 70