Security Affairs

APRIL 2, 2025

Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “However, in reality, this amount may be larger; the attackers also targeted Monero, a cryptocurrency that is untraceable.” 231 banking malware.

Cryptocurrency

Security Affairs

JANUARY 10, 2025

The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Malware

Malwarebytes

MARCH 18, 2025

We were alerted to Mac and Windows stealers currently distributed via Reddit posts targeting users engaging in cryptocurrency trading. These two malware families have wreaked havoc, pillaging victims’ personal data and enabling their distributors to make substantial gains, mostly by taking over cryptocurrency wallets.

Cryptocurrency

eSecurity Planet

OCTOBER 22, 2024

Matanbuchus and XMRig: Used for cryptocurrency mining, these malware strains can slow down systems while surreptitiously utilizing computing resources. These groups are considered sub-teams of larger cryptocurrency scam networks, highlighting the organized and systematic nature of these phishing attacks.

Scams

Security Affairs

JULY 18, 2025

NoMoreRansom warns users to remove the malware first with a reliable antivirus before using the decryptor, or files may be re-encrypted repeatedly. Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024. In February 2025, the U.S.

Ransomware

eSecurity Planet

MARCH 10, 2025

A new wave of cyberattacks is sweeping through Russia as cybercriminals deploy the so-called SilentCryptoMiner a cryptocurrency miner masquerading as a legitimate internet bypass tool. Beyond cryptocurrency theft, such attacks could pave the way for further exploitation, including deploying remote access tools (RATs) and stealers.

VPN

Security Affairs

MARCH 14, 2025

Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024. He developed the code to disable antivirus software, deploy malware, and print ransom notes to all printers connected to a victim network.

Ransomware

SecureList

APRIL 8, 2025

If not, the script checks for processes associated with antivirus software, security solutions, virtual environments, and research tools. The message contains system information, the infected device’s external IP address and country, CPU name, operating system, installed antivirus, username, and computer name.

Passwords

SecureList

MARCH 5, 2025

Most active of all have been schemes for distributing popular stealers, remote access tools (RATs), Trojans that provide hidden remote access, and miners that harness computing power to mine cryptocurrency. This technique is used to hinder automatic analysis by antivirus solutions and sandboxes. Gaining persistence in the system.

Malware

Security Affairs

JUNE 6, 2025

de email addresses and pay the ransom in cryptocurrency. The threat actors behind the operation use tools like AdFind and Grixba to gather network data and identify antivirus defenses, then disable security software using GMER, IOBit, or PowerTool. .” The Play ransomware group follows a double extortion model. de or @web[.]de

Ransomware

SecureList

JULY 10, 2025

Additionally, he used free online services for malware detection to protect his system, but no commercial antivirus software. With these tools, the attackers successfully obtained passphrases for the developer’s wallets and then syphoned off cryptocurrency. Both implants communicated with the C2 server 144.172.112[.]84

Malware

SecureList

APRIL 21, 2025

Fake Telegram channels for pirated content and cryptocurrencies. The attackers create Telegram channels with names containing keywords related to cryptocurrencies or pirated content, such as software, movies, etc. When a user searches for such content, the fraudulent channels appear at the top of the search.

Malware

eSecurity Planet

FEBRUARY 17, 2025

Simply put, they are antivirus solutions. In fact, it is one of the most popular antivirus solutions. Per 6sense, McAfee Cloud Security makes up 12.47% of the worldwide antivirus market share. 5 McAfee Total Protection is a set of five consumer security plans, including antivirus, web protection, and safety scores.

Antivirus

eSecurity Planet

MAY 27, 2025

Traditional antivirus systems usually fail to detect suspicious activity due to this. The FBI is also asking organizations that have been targeted or compromised by Luna Moth to report the incident and share details such as ransom notes, phishing emails, cryptocurrency wallet addresses, and phone numbers used by the attackers.

Phishing

Cisco Security

JULY 7, 2025

Endpoint security still meant antivirus agents. And, the advent of Bitcoin and other cryptocurrencies has provided a relatively safe channel for ransom, extortion and other illicit payments. Cloud computing was nascent and was still without online storage and elastic compute.

Cyber Risk

SecureList

APRIL 23, 2025

LPEClient LPEClient is a tool known for victim profiling and payload delivery ( T1105 ) that has previously been observed in attacks on defense contractors and the cryptocurrency industry. All of these techniques are designed to bypass security products such as antivirus and EDR solutions, but they load the payload in different ways.

Malware

Security Boulevard

MARCH 24, 2025

Cybercriminals Exploit CheckPoint Antivirus Driver in Malicious Campaign Infosecurity Magazine Threat actors are leveraging a "bring your own vulnerable driver" (BYOVD) attack to bypass Windows security measures. Specifically, it was fetching account icons and defaulted to opening password reset pages over HTTP.

Surveillance

Malwarebytes

FEBRUARY 20, 2025

ACRStealer is capable of: Identifying which antivirus solution is on a device Stealing crypto wallets and login credentials Stealing browser information Harvesting File Transfer Protocol (FTP) credentials Reading all text files With that kind of information, cybercriminals can go after your cryptocurrency and other funds.

Identity Theft

Digital Shadows

NOVEMBER 26, 2024

Attackers exploiting cloud accounts pose significant risks, targeting virtual machines (VMs) for activities like cryptocurrency mining, leading to unexpected costs for organizations. Compromised cloud storage can result in account breaches, data theft, or extortion in which attackers exploit reputational damage to demand ransoms.

Cyber Attacks

Zero Day

JULY 29, 2025

The NordLynx protocol has fast and secure connections worldwide, and features like specialty servers, an antivirus (offline malware scanner for PCs), and a Dark Web Monitor are welcome. The PC version, Threat Protection Pro, also has antivirus capabilities, scanning any downloaded files for trojans, spyware, and viruses.

VPN

Security Affairs

JULY 25, 2025

The images are polyglot files that hide malicious code appended at the end and execute directly in memory to evade antivirus detection. Koske malware supports mining 18 cryptocurrencies, selecting CPU- or GPU-optimized miners based on the hardware of the infected host. One is C code compiled into a rootkit.so

Malware

Krebs on Security

JANUARY 8, 2022

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. Avira Free Antivirus). “Avira Crypto allows you to use your computer’s idle time to mine the cryptocurrency Ethereum (ETH),” the FAQ explains.

Antivirus

Krebs on Security

SEPTEMBER 17, 2020

One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. One of the men indicted as part of APT41 — now 35-year-old Tan DaiLin — was the subject of a 2012 KrebsOnSecurity story that sought to shed light on a Chinese antivirus product marketed as Anvisoft. Image: FBI.

Antivirus

Bleeping Computer

JUNE 2, 2021

NortonLifelock has added the ability to mine Ethereum cryptocurrency directly within its Norton 360 antivirus program as a way to "protect" users from malicious mining software. [.].

Antivirus

Schneier on Security

JANUARY 7, 2022

Norton 360 can now mine Ethereum. It’s opt-in, and the company keeps 15%. It’s hard to uninstall this option.

Antivirus

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. According to the FAQ posted on its site , “ Norton Crypto ” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle.

Cryptocurrency

The Hacker News

APRIL 24, 2024

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks.

Antivirus

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus

Bleeping Computer

APRIL 23, 2024

North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware. [.]

Antivirus

Schneier on Security

NOVEMBER 28, 2022

In one, the researcher explained they had installed antivirus software and performed a disk cleanup to “remove multiple viruses on the device.” The researchers added documents, both sexually revealing and non-sexual pictures, and a cryptocurrency wallet with credentials. The laptops were freshly imaged Windows 10 laptops.

Antivirus

Schneier on Security

MAY 14, 2020

The first of the new malware variants, COPPERHEDGE , is described as a Remote Access Tool (RAT) "used by advanced persistent threat (APT) cyber actors in the targeting of cryptocurrency exchanges and related entities." It's interesting to see the US government take a more aggressive stance on foreign malware. Me, I like reading the codenames.

Government

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. capital).

Malware

Bleeping Computer

JUNE 7, 2021

Last week, NortonLifelock announced that the Norton 360 antivirus suite would soon be able to mine Ethereum cryptocurrency while the computer is idle. In this article, we go hands-on with the new 'Norton Crypto' feature to show what's good about it and what's bad. [.].

Antivirus

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers.

Cryptocurrency

Zero Day

JUNE 3, 2021

The vendor says that bringing mining in-house has security benefits.

Antivirus

Quick Heal Antivirus

SEPTEMBER 16, 2021

What is Cryptocurrency? Cryptocurrency is a type of digital currency that generally only exists electronically. The post Blockchain & Fraud Prevention: Strategies to overcome the cryptocurrency scam appeared first on Quick Heal Blog | Latest computer security news, tips, and advice. There is no.

Cryptocurrency