Bleeping Computer

JANUARY 24, 2023

A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords, and ultimately breach networks for ransomware attacks. [.]

Ransomware 144

Ransomware Advertising Passwords Malware 144

Krebs on Security

NOVEMBER 10, 2020

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. On the evening of Monday, Nov. ”

Ransomware 356

Ransomware Accountability Hacking Advertising 356

Security Boulevard

JULY 28, 2023

Threat actors are using bogus advertisements for IT tools on sites like Google and Microsoft’s Bing in hopes of luring tech users to inadvertently download malware that kicks off an attack that eventually leads to ransomware like BlackCat.

Ransomware 98

Ransomware Advertising Malware Cybersecurity 98

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. The victim shaming site maintained by the NetWalker ransomware group, after being seized by authorities this week. ” Image: Chainalysis.

Ransomware 290

Ransomware Cybercrime Antivirus Encryption 290

Security Affairs

JANUARY 20, 2019

An Iranian developer is promoting on a Telegram hacking channel the BlackRouter ransomware through a Ransomware-as-a-Service model. An Iranian developer is advertising on Telegram a Ransomware-as-a-Service called BlackRouter. Ransomware #BlackRouter ext.: SecurityAffairs – ransomware -as-a-service, malware).

Advertising 87

Advertising Ransomware Malware Hacking 87

Security Affairs

DECEMBER 10, 2021

BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language.

Ransomware 99

Ransomware Malware Cybercrime Encryption 99

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.

Malware 250

Malware Cybercrime Software Antivirus 250

CyberSecurity Insiders

SEPTEMBER 13, 2022

According to a study conducted by security firm SentinelOne, ransomware spreading hackers are adopting a new encryption standard named ‘Intermittent Encryption’ while targeting victims. Since there are no intense IO operations, the anti-malware solutions cannot detect the activity, thus failing in its true aim of inception.

Encryption 121

Encryption Ransomware Advertising Malware 121

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 227

Malware Antivirus Cybercrime Hacking 227

SecureList

OCTOBER 24, 2023

Introduction As a cybersecurity company, Kaspersky is constantly dealing with known and brand-new malware samples. A good example of this is GoPIX, a malware campaign that has been active since December 2022. If they click such a link, a redirection follows, with the user ending up on the malware landing page.

Ransomware 106

Ransomware Malware Advertising Passwords 106

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims.

Malware 299

Malware Identity Theft Cybercrime Accountability 299

Security Affairs

OCTOBER 13, 2023

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort aimed at sharing technical details associated with various ransomware operations.

Ransomware 117

Ransomware System Administration Antivirus Malware 117

CyberSecurity Insiders

SEPTEMBER 21, 2022

First is the news about Hive Ransomware targeting the New York Racing Association (NYRA) on 30th of June this year that resulted in disruption of IT services, including the website. Hackers are seen using this malware to exploit browsers leading to advertising and affiliate frauds.

Malware 121

Malware Telecommunications Insurance Ransomware 121

Heimadal Security

JULY 3, 2023

The BlackCat ransomware group launched a malvertising campaign to push Cobalt Strike. They put up advertisements to attract people to fake WinSCP pages. Instead of the application, the victims download malware. WinSCP (Windows Secure Copy) is a well-known SFTP, FTP, S3, SCP, and file manager that supports SSH file transfers.

Ransomware 87

Ransomware Advertising Malware Cybersecurity 87

eSecurity Planet

JANUARY 26, 2023

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware.

Malware 122

Malware Ransomware Software Cryptocurrency 122

Malwarebytes

OCTOBER 20, 2023

Even though it had a long run for a ransomware group, it seems the bell might be tolling for Ragnar Locker. The ransomware group’s infrastructure was also seized in the Netherlands, Germany and Sweden and the associated data leak website was taken down in Sweden. How to avoid ransomware Block common forms of entry.

Ransomware 113

Ransomware Backups Encryption Software 113

Heimadal Security

OCTOBER 7, 2022

A recently discovered malware called LilithBot is linked to the Eternity group, Zscaler researchers claim. Earlier this year, Eternity Project came up on a Telegram channel advertising a toolkit which included a stealer, miner, clipper, ransomware, worm spreader, and a DDoS bot.

Malware 96

Malware DDOS Advertising Ransomware 96

SecureList

FEBRUARY 27, 2023

Figures of the year In 2022, Kaspersky mobile products and technology detected: 1,661,743 malicious installers 196,476 new mobile banking Trojans 10,543 new mobile ransomware Trojans Trends of the year Mobile attacks leveled off after decreasing in the second half of 2021 and remained around the same level throughout 2022. percentage points.

Mobile 124

Mobile Malware Adware Banking 124

Security Affairs

NOVEMBER 19, 2022

Microsoft warns that a threat actor, tracked as DEV-0569, is using Google Ads to distribute the recently discovered Royal ransomware. The DEV-0569 group carries out malvertising campaigns to spread links to a signed malware downloader posing as software installers or fake updates embedded in spam messages, fake forum pages, and blog comments.

Ransomware 132

Ransomware Malware Antivirus Phishing 132

Security Affairs

JANUARY 11, 2022

AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. “While we couldn’t find what targets were attacked using this AvosLocker ransomware Linux variant , BleepingComputer knows of at least one victim that got hit with a $1 million ransom demand.”

Ransomware 121

Ransomware Encryption Advertising Malware 121

CSO Magazine

MARCH 23, 2023

Security researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. AiD Lock is not a newcomer to malware development and was previously associated with the AiD Locker ransomware-as-a-service (RaaS) program as well as with a group called PHANTOM DEV or DeadXInject Hack.

Malware 92

Malware Advertising Ransomware Software 92

Bleeping Computer

MAY 24, 2021

The developers of Zeppelin ransomware have resumed their activity after a period of relative silence that started last Fall and started to advertise new versions of the malware. [.].

Ransomware 128

Ransomware Advertising Malware 128

Security Affairs

JULY 20, 2022

Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers from Kaspersky Lab detailed a new ransomware family named Luna, which is written in Rust and is able to target Windows, Linux, and ESXi systems. A notable example includes BlackCat and Hive.

Ransomware 132

Ransomware Encryption Malware Advertising 132

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. SecurityAffairs – hacking, malware).

Ransomware 139

Ransomware Malware Advertising Cybercrime 139

Security Affairs

AUGUST 3, 2020

Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware.

Ransomware 120

Ransomware Advertising Malware Hacking 120

Security Affairs

AUGUST 26, 2019

A new ransomware, dubbed Nemty, appeared in the threat landscape over the weekend, it spreads via compromised RDP connections. A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. ” 2019-08-24: #Nemty #Ransomware version '1.0' Source BleepingComputer.

Ransomware 93

Ransomware Malware Antivirus Encryption 93

Security Affairs

SEPTEMBER 29, 2020

revealed it was the victim of a malware attack that affecting some servers on its network. a French maritime transport and logistics giant, revealed that a malware attack affected some servers on its network. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. CMA CGM S.A. ,

Ransomware 145

Ransomware Malware Advertising Cyber Attacks 145

CyberSecurity Insiders

APRIL 30, 2021

Nitro Ransomware, a new variant of file encrypting malware is shaking up the internet by demanding Discord Nitro Gift Cards from victims instead of cryptocurrency. that allows its subscribers to upload files that are large and also offers to its users better emoji option along with HD Video streaming that is free of advertisements.

Ransomware 142

Ransomware Encryption Cryptocurrency Internet 142

Malwarebytes

APRIL 18, 2023

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members.

Malware 89

Malware Banking Ransomware Passwords 89

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities.

Mobile 140

Mobile Malware Adware Banking 140

Security Affairs

OCTOBER 18, 2020

The financially-motivated hacker group FIN11 has started spreading ransomware to monetize its cyber criminal activities. The financially-motivated hacker group FIN11 has switched tactics starting using ransomware as the main monetization method. ” reads the analysis published by FireEye. ” reads the analysis.

Ransomware 131

Ransomware Malware Telecommunications Advertising 131

Security Affairs

OCTOBER 25, 2020

Researchers from MalwareHunterTeam have spotted a new piece of remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The Abaddon malware connects to the Discord command and control server to check for new commands to execute. "Abaddon"

Malware 131

Malware Advertising Ransomware Encryption 131

Identity IQ

APRIL 29, 2021

What is Malware? . Malware is an umbrella term used to describe any malicious software designed to harm, exploit, or extract sensitive data from a system, device, or network. Why do Cybercriminals Use Malware? How does Malware Spread? Types of Malware. Warning Signs Cour computer Is Infected by Malware.

Malware 98

Malware Adware Spyware Advertising 98

Security Affairs

SEPTEMBER 17, 2020

The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. ” continues the analysis.

Ransomware 144

Ransomware Encryption Advertising Malware 144

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good news for the victims of the FonixCrypter ransomware, the operators behind the threat shut down their operations and released the master decryption key. Pierluigi Paganini.

Ransomware 134

Ransomware Encryption Malware Cybercrime 134

Malwarebytes

MAY 19, 2022

Moises Luis Zagala Gonzales worked as a ransomware developer on the side, renting out and selling ransomware tools to cybercriminals. Combating ransomware is a top priority of the Department of Justice and of this Office. Combating ransomware is a top priority of the Department of Justice and of this Office.

Ransomware 117

Ransomware Antivirus Healthcare Malware 117

Security Affairs

SEPTEMBER 23, 2018

Security experts from Trend Micro discovered a new malware tracked as Virobot that combines ransomware and botnet capabilities. Virobot was first spotted on September 17, 2018, experts pointed out that it is not associated with any known ransomware families. Security Affairs – Virobot , malware ).

Malware 85

Malware Ransomware Encryption Advertising 85