Security Affairs

APRIL 2, 2025

Judging by the analysis of transactions, they were able to transfer about $270,000 in various cryptocurrencies to their crypto wallets.” “However, in reality, this amount may be larger; the attackers also targeted Monero, a cryptocurrency that is untraceable.” 231 banking malware.

Cryptocurrency 126

Cryptocurrency Malware Firmware Mobile 126

Security Affairs

JULY 18, 2025

NoMoreRansom warns users to remove the malware first with a reliable antivirus before using the decryptor, or files may be re-encrypted repeatedly. Affiliates paid fees to administrators like Ptitsyn for decryption keys, with payments routed via unique cryptocurrency wallets from 2021–2024. In February 2025, the U.S.

Ransomware 133

Ransomware Encryption Malware Cybercrime 133

Security Affairs

MARCH 14, 2025

Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024. He developed the code to disable antivirus software, deploy malware, and print ransom notes to all printers connected to a victim network. A $10 million reward was offered for information on Khoroshev through the U.S.

Ransomware 69

Ransomware Cryptocurrency Small Business Malware 69

Security Affairs

JUNE 6, 2025

de email addresses and pay the ransom in cryptocurrency. The threat actors behind the operation use tools like AdFind and Grixba to gather network data and identify antivirus defenses, then disable security software using GMER, IOBit, or PowerTool. .” The Play ransomware group follows a double extortion model. de or @web[.]de

Ransomware 97

Ransomware Encryption Antivirus Malware 97

SecureList

APRIL 8, 2025

If not, the script checks for processes associated with antivirus software, security solutions, virtual environments, and research tools. The message contains system information, the infected device’s external IP address and country, CPU name, operating system, installed antivirus, username, and computer name.

Passwords 79

Passwords Cryptocurrency Software Antivirus 79

SecureList

APRIL 21, 2025

Introduction The evolution of Malware-as-a-Service (MaaS) has significantly lowered the barriers to entry for cybercriminals, with information stealers becoming one of the most commercially successful categories in this underground economy. Fake Telegram channels for pirated content and cryptocurrencies.

Malware 77

Malware Cryptocurrency Software Antivirus 77

Cisco Security

JULY 7, 2025

National Academies of Sciences, Engineering and Medicine (NASEM) , a private non-profit dedicated to providing independent, objective advice to inform policy and confront challenging issues for the benefit of society. Endpoint security still meant antivirus agents. Due to his high-profile work, Hyrum was approached by the U.S.

Cyber Risk 101

Cyber Risk Media Risk Cybersecurity 101

eSecurity Planet

FEBRUARY 17, 2025

Simply put, they are antivirus solutions. In fact, it is one of the most popular antivirus solutions. Per 6sense, McAfee Cloud Security makes up 12.47% of the worldwide antivirus market share. 5 McAfee Total Protection is a set of five consumer security plans, including antivirus, web protection, and safety scores.

Antivirus 67

Antivirus Identity Theft VPN Spyware 67

Security Boulevard

MARCH 24, 2025

Information and summaries provided here are as-is for warranty purposes. While MFA is primarily a security feature, its primary privacy benefit is adding another layer of security to prevent unauthorized access to information contained in particular important or sensitive accounts.

Surveillance 75

Surveillance Telecommunications Data breaches Spyware 75

eSecurity Planet

MAY 27, 2025

This is information that, if leaked, could have severe legal and financial consequences. Traditional antivirus systems usually fail to detect suspicious activity due to this. That includes client records, litigation strategies, contracts, and communications. Connections from WinSCP or Rclone to outside networks.

Phishing 60

Phishing Scams Antivirus Backups 60

SecureList

APRIL 23, 2025

We immediately took action by communicating meaningful information to the Korea Internet & Security Agency (KrCERT/CC) for rapid action upon detection, and we have now confirmed that the software exploited in this campaign has all been updated to patched versions. The data is sent and received in JSON format. The USERENV.

Malware 139

Malware Software Encryption Internet 139

Digital Shadows

NOVEMBER 26, 2024

Attackers exploiting cloud accounts pose significant risks, targeting virtual machines (VMs) for activities like cryptocurrency mining, leading to unexpected costs for organizations. This helps security teams make informed decisions on potential threats to their environments.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Malwarebytes

FEBRUARY 20, 2025

ACRStealer is capable of: Identifying which antivirus solution is on a device Stealing crypto wallets and login credentials Stealing browser information Harvesting File Transfer Protocol (FTP) credentials Reading all text files With that kind of information, cybercriminals can go after your cryptocurrency and other funds.

Identity Theft 91

Identity Theft Malware Financial Services Antivirus 91

Security Affairs

JULY 25, 2025

The images are polyglot files that hide malicious code appended at the end and execute directly in memory to evade antivirus detection. Koske malware supports mining 18 cryptocurrencies, selecting CPU- or GPU-optimized miners based on the hardware of the infected host. One is C code compiled into a rootkit.so

Malware 80

Malware Artificial Intelligence DNS Antivirus 80

Krebs on Security

SEPTEMBER 17, 2020

One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. ” Once inside of a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell. Image: FBI. Security analysts and U.S. Image: DOJ.

Antivirus 364

Antivirus Hacking Government Software 364

Schneier on Security

NOVEMBER 28, 2022

Devices belonging to females were more likely to be snooped on, and that snooping tended to seek more sensitive data, including both sexually revealing and non-sexual pictures, documents, and financial information. […]. As noted earlier, two of the visits resulted in the logs the researchers relied on being unrecoverable. A few notes.

Antivirus 359

Antivirus Cryptocurrency Accountability Malware 359

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners. ” concludes the report.

Antivirus 136

Antivirus Malware DNS Cryptocurrency 136

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. Chipmaker NVIDIA says a cyberattack led to theft of information on more than 71,000 employees.

Cryptocurrency 331

Cryptocurrency Cybercrime Computers and Electronics Scams 331

SecureList

OCTOBER 4, 2024

In a recent campaign starting in 2022, unknown malicious actors have been trying to mine cryptocurrency on victims’ devices without user consent; they’ve used large amounts of resources for distribution, but what’s more, used multiple unusual vectors for defense evasion and persistence.

Scams 145

Scams Cryptocurrency Malware Software 145

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. capital).

Malware 350

Malware Cryptocurrency Software Phishing 350

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency 121

Cryptocurrency Malware Advertising System Administration 121

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. The title of the accessed web-pages are collected and compared with the target organizations and services hardcoded and defined by crooks, generally the name of the banking portals, cryptocurrency portals, and financial firms.

Antivirus 137

Antivirus Malware Banking Internet 137

Security Affairs

MARCH 28, 2019

In 2018, the Lazarus APT group targeted several cryptocurrency exchanges , including the campaign tracked as Operation AppleJeus discovered in August 2018. If you’re part of the booming cryptocurrency or technological startup industry, exercise extra caution when dealing with new third parties or installing software on your systems.”

Cryptocurrency 111

Cryptocurrency Malware Advertising Antivirus 111

SecureWorld News

JANUARY 10, 2022

Back in July 2021, NortonLifeLock announced Norton Crypto, a feature made available in the popular antivirus product Norton 360, which allows users to mine cryptocurrency while their PC is idle. Norton "Antivirus" now sneakily installs cryptomining software on your computer, and then SKIMS A COMMISSION. January 4, 2022.

Antivirus 98

Antivirus Cryptocurrency Marketing Software 98

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . Researchers from Avast have spotted a strain of cryptocurrency miner, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. ” reads the analysis published by Avast.

Antivirus 144

Antivirus Cryptocurrency Malware Software 144

The Hacker News

NOVEMBER 26, 2021

A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his

Malware 132

Malware Antivirus Cryptocurrency Ransomware 132

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The fake websites were masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes. exe.zip”) that was used to deploy the Lumma information stealer.

Malware 141

Malware Antivirus Cryptocurrency Hacking 141

Security Affairs

NOVEMBER 26, 2021

Morphisec researchers spread cryptocurrency malware dubbed Babadeda in attacks aimed at crypto and NFT communities. Morphisec researchers spotted a new crypto-malware strain, tracked as Babadeda, targeting cryptocurrency, non-fungible token (NFT), and DeFi passionates through Discord channels. ” concludes the report.

Cryptocurrency 145

Cryptocurrency Malware Antivirus Phishing 145

The Hacker News

APRIL 16, 2025

Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024.

Antivirus 103

Antivirus Manufacturing Cryptocurrency Malware 103

Security Affairs

APRIL 19, 2021

Avast researchers analyzed the activity of a simple cryptocurrency malware dubbed HackBoss that allowed its operators to earn over $560K. The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018.

Cryptocurrency 145

Cryptocurrency Hacking Malware Banking 145

The Last Watchdog

SEPTEMBER 6, 2023

Over time, Bitcoin has become the most widely used cryptocurrency in the world. Keep your name and birthday away from utilizing information that might be easily guessed. To avoid potential vulnerabilities, keep your operating system, antivirus software, and other security tools up to date. Secure your network, device.

Cryptocurrency 100

Cryptocurrency Backups Passwords Software 100

Security Boulevard

JANUARY 16, 2022

Norton 360, a popular antivirus product, has installed a cryptocurrency mining program on its customers’ computers, some cities in Texas have been hit with a phishing scam designed to get users to pay through fraudulent QR code stickers on public parking meters, and how Facebook is still collecting data about you even if you deactivate […].

Accountability 121

Accountability Antivirus Cryptocurrency Scams 121

Security Affairs

OCTOBER 17, 2019

European airport systems were infected with a Monero cryptocurrency miner that was linked to the Anti-CoinMiner campaign discovered this summer by Zscaler researchers. . Experts pointed out that the Monero miners were installed on the European airport systems, even if they were running an industry-standard antivirus.

Cryptocurrency 75

Cryptocurrency Antivirus Advertising Malware 75

Security Affairs

DECEMBER 1, 2020

Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns. Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus , Cobalt Kitty , or APT32 , is deploying cryptocurrency miners while continues its cyberespionage campaigns.

Cryptocurrency 138

Cryptocurrency Antivirus Manufacturing Government 138

Security Affairs

NOVEMBER 15, 2021

The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. Once the banking Trojan is installed on the victim’s device, threat actors can steal sensitive banking information through the abuse of Accessibility Services (i.e.

Banking 144

Banking Mobile Social Engineering Malware 144

Security Affairs

JANUARY 7, 2021

Both exchanges are structured in a way that probably wouldn’t obligate them to comply with law enforcement requests and both were founded by Chinese nationals that moved their business to countries that are more friendly to cryptocurrency exchanges. ” concludes the report.

Ransomware 145

Ransomware Cryptocurrency Antivirus Banking 145

Security Affairs

SEPTEMBER 14, 2019

Researchers at Z s caler have spotted a new malware dubbed InnfiRAT that infects victims’ systems to steal cryptocurrency wallet data. . Researchers at Z s caler have discovered a new Trojan dubbed InnfiRAT that implements many standard Trojan capabilities along with the ability to steal cryptocurrency wallet data. .

Cryptocurrency 111

Cryptocurrency Malware Advertising Antivirus 111