Security Affairs

DECEMBER 26, 2022

The FBI warns of cybercriminals using search engine advertisement services to impersonate brands and defraud users. The FBI is warning of cyber criminals using search engine advertisement services to impersonate brands and direct users to websites that were used to defraud users. ” reads the advisory published by the FBI.

Advertising 92

Advertising Engineering Education Internet 92

Bleeping Computer

FEBRUARY 7, 2024

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. [.]

Passwords 129

Passwords Malware Cryptocurrency Advertising 129

Bleeping Computer

APRIL 5, 2024

Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware. [.]

Artificial Intelligence 134

Artificial Intelligence Malware Advertising Passwords 134

Security Affairs

APRIL 29, 2023

Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month. Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS). ” reads the report published by Cyble.

Advertising 84

Advertising Passwords Malware Password Management 84

Bleeping Computer

SEPTEMBER 28, 2023

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.

Malware 141

Malware Advertising 141

The Hacker News

MARCH 6, 2024

Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023.

Malware 133

Malware Advertising Software 133

Security Affairs

NOVEMBER 11, 2020

?Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom. Ragnar Locker Ransomware operators are improving their extortion technique and started running Facebook advertisements to make pressure on their victims and force them to pay the ransom. 9, on Facebook.

Advertising 123

Advertising Hacking Ransomware Accountability 123

Heimadal Security

JULY 7, 2021

Even if we can consider the pretense ironic, the situation can be very risky as it can actually end up deploying infostealer malware on the victim machine. An infostealer is a type of malware focused on gathering sensitive and conditional information from a compromised system.

Advertising 98

Advertising Malware Cybersecurity 98

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. Image: spur.us.

Malware 238

Malware Passwords Accountability Advertising 238

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 225

Malware Antivirus Cybercrime Hacking 225

The Hacker News

NOVEMBER 17, 2023

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. The malicious advertisement directs the user to a compromised WordPress website gameeweb[.]com, com, which redirects the

Malware 124

Malware Advertising Software Cybersecurity 124

Bleeping Computer

OCTOBER 2, 2023

Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. [.]

Malware 126

Malware Advertising 126

Penetration Testing

JANUARY 11, 2024

Detected by eSentire’s Threat Response Unit (TRU) in November 2023, WorkersDevBackdoor malware has been impacting the business services industry with its cunning distribution and destructive capabilities.

Malware 91

Malware Penetration Testing Business Services Advertising 91

Penetration Testing

NOVEMBER 2, 2023

Security researchers at Bitdefender have unveiled that cybercriminals are exploiting Facebook advertising to disseminate malware and usurp users’ social network accounts.

Malware 83

Malware Penetration Testing Advertising Accountability 83

The Hacker News

OCTOBER 1, 2023

Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground.

Cybercrime 134

Cybercrime Malware Advertising Cybersecurity 134

Security Affairs

JANUARY 20, 2019

An Iranian developer is advertising on Telegram a Ransomware-as-a-Service called BlackRouter. The same expert advertises other malware and is believed to the author of another ransomware called Blackheart. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising 86

Advertising Ransomware Malware Hacking 86

Krebs on Security

SEPTEMBER 1, 2021

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. Between 2003 and 2006, Corpse focused on selling and supporting his Haxdoor malware.

Malware 291

Malware Cybercrime Internet Internet 291

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims.

Malware 294

Malware Identity Theft Cybercrime Accountability 294

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware 246

Malware Cybercrime Software Antivirus 246

Heimadal Security

APRIL 27, 2023

Google advertisements have been exploited to distribute various types of malware over the past few months. To trick unsuspecting users into downloading malware onto their systems, threat actors often used the platform to promote fake websites on legit software and application updates.

Malware 100

Malware Advertising Software Cybersecurity 100

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 212

Malware VPN Internet Internet 212

SecureList

JUNE 15, 2023

Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community. A MaaS operator is typically a team consisting of several people with distinct roles.

Malware 137

Malware Ransomware Cybercrime Hacking 137

The Hacker News

MARCH 13, 2023

A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. "By

Advertising 98

Advertising Accountability Media Malware 98

Security Affairs

MAY 20, 2024

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. The malware employed in the multi-faceted campaign shared the same C2 infrastructure, suggesting attackers coordinated efforts to maximize the impact of the attacks.

Malware 100

Malware Banking Software Advertising 100

Malwarebytes

MARCH 5, 2024

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. This mass adoption was good for Microsoft and its revenue, but it also drew and maintained the interests of cybercriminals, who would develop malware that could impact the highest number of victims. There pretty much always has been.

Malware 139

Malware Adware Ransomware Social Engineering 139

Bleeping Computer

APRIL 5, 2023

The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2' [.]

Malware 103

Malware Advertising 103

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re Image: Spur.us.

Malware 260

Malware Cybercrime Internet Internet 260

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 201

Malware Advertising Marketing System Administration 201

CSO Magazine

APRIL 18, 2023

Security researchers warn of a new malware loader that's used as part of the infection chain for the Aurora information stealer. The Aurora infostealer is written in Go and is operated as a malware-as-a-service platform that's advertised on Russian-language cybercrime forums.

Malware 120

Malware Cryptocurrency Cybercrime Advertising 120

CSO Magazine

MAY 19, 2023

Cybercrime gang Lemon Group has managed to get malware known as Guerrilla preinstalled on about 8.9 The Guerilla malware can load additional payloads, intercept one-time passwords (OTPs) from SMS texts, set up a reverse proxy from the infected device, and infiltrate WhatsApp sessions. To read this article in full, please click here

Malware 119

Malware Cybercrime Mobile Advertising 119

Security Affairs

JULY 20, 2024

CrowdStrike warns that threat actors are exploiting the recent IT outage caused by their faulty update to distribute Remcos RAT malware. CrowdStrike spotted threat actors attempting to benefit from the recent IT outage caused by the faulty update of the cybersecurity firm to distribute Remcos RAT malware.

Malware 119

Malware Advertising Cryptocurrency Cybersecurity 119

The Hacker News

JUNE 19, 2023

A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70 web browser extensions. First advertised on April 25, 2023, for $150 per month, the malware also targets cryptocurrency wallets, Steam, and Telegram, and employs extensive mechanisms to resist analysis.

Malware 100

Malware Cryptocurrency Advertising 100

Security Affairs

AUGUST 10, 2023

Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, cookies, web data, and preferences. ” concludes the report.

Malware 88

Malware Encryption Advertising Cryptocurrency 88

Penetration Testing

NOVEMBER 20, 2023

Cybercriminals are manipulating Google search results and embedding fraudulent advertisements to deceive users attempting to install the legitimate software WinSCP. Securonix is tracking this hacking activity under the name “SEO#LURKER.”

Software 84

Software Penetration Testing Malware Advertising 84

Bleeping Computer

AUGUST 18, 2022

A new batch of thirty-five Android malware apps that display unwanted advertisements was found on the Google Play Store, with the apps installed over 2 million times on victims' mobile devices. [.].

Malware 118

Malware Mobile Advertising 118

Malwarebytes

OCTOBER 28, 2023

Victims who clicked on the ad were taken to a hacked webpage with a link to download the application, which turned out to install over a dozen different pieces of malware instead. Unfortunately, some of those pages have been injected with malware that spams malicious content into them.

Malware 116

Malware Software Advertising Hacking 116

Bleeping Computer

JULY 20, 2021

An ongoing worldwide campaign is pushing new malware dubbed MosaicLoader advertising camouflaged as cracked software via search engine results to infect wannabe software pirates' systems. [.].

Software 127

Software Malware Advertising Engineering 127