Security Affairs

MARCH 28, 2019

Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported.

Banking 89

Banking Cryptocurrency Mobile Advertising 89

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 80

Phishing Banking Mobile Scams 80

Security Affairs

NOVEMBER 15, 2021

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. ” reads the analysis published by the researchers.

Banking 127

Banking Mobile Social Engineering Malware 127

SecureList

SEPTEMBER 28, 2023

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. This blog post contains excerpts from those reports.

Banking 91

Banking Malware Cybercrime Encryption 91

eSecurity Planet

DECEMBER 21, 2021

Cryptocurrency Fuels Ransomware. One constant in all this will be cryptocurrency, the coin of the realm when it comes to ransomware. Cryptocurrency really is fueling this in a sense. … If you were to take cryptocurrency away from that, they don’t have a convenient digital platform.

Cryptocurrency 134

Cryptocurrency Ransomware Cybercrime Social Engineering 134

Security Affairs

MARCH 23, 2023

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications.

Banking 78

Banking Cryptocurrency Malware Advertising 78

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. ” states the DoJ. ” states the DoJ.

Malware 108

Malware Banking Cryptocurrency Cybercrime 108

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Emerging in 2007 as a banking trojan, QakBot (a.k.a. government has used court orders to remotely disinfect systems compromised with malware.

Hacking 253

Hacking Malware Ransomware Government 253

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Client-side attacks on the wane.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. reads the report published by Threat Fabric. “In

Malware 111

Malware Banking Phishing Engineering 111

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time.

Encryption 98

Encryption Malware Banking Ransomware 98

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware 128

Malware Advertising Cryptocurrency Cybercrime 128

Security Affairs

NOVEMBER 10, 2020

Researchers from Kaspersky Lab spotted a new Android banking Trojan, dubbed Ghimob, that is able to steal data from 112 financial Apps. Ghimob is a new Android banking Trojan discovered by Kaspersky that is able to steal data from 112 financial apps. ” continues the analysis. ” concludes the report.

Banking 101

Banking Mobile Malware Spyware 101

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 87

Malware Cybercrime Banking Software 87

SecureList

NOVEMBER 21, 2023

At Kaspersky, we constantly monitor the financial cyberthreat landscape, which includes threats to financial institutions, such as banks, and financially motivated threats, such as ransomware, that target a broader range of industries. We highlighted the growing popularity of cryptocurrencies and anticipated an increase in crypto scams.

Penetration Testing 119

Penetration Testing Banking Ransomware Mobile 119

Security Affairs

APRIL 5, 2019

A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB , an offspring of the original Gozi which source code was leaked in 2014. Ursnif/Gozi is active from over a decade and was one of the most active malware listed in 2017 and 2018.

Banking 84

Banking Malware Cryptocurrency Advertising 84

Security Affairs

FEBRUARY 19, 2024

The man was held in the Netherlands, and he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Identity Theft 94

Identity Theft Cryptocurrency Cybercrime Hacking 94

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 87

Malware Banking Healthcare Penetration Testing 87

Security Affairs

DECEMBER 22, 2022

billion worth of cryptocurrency and other virtual assets in the past five years. billion) in cryptocurrency and other virtual assets in the past five years. Cyber security and intelligence experts believe that attacks aimed at the cryptocurrency industry will continue to increase next year. trillion won ($1.2 Citing the U.S.

Cryptocurrency 128

Cryptocurrency Cybercrime Media Government 128

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking 106

Banking Accountability Mobile Cryptocurrency 106

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. Cracking down hard on the cybercrime world.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

Security Affairs

APRIL 14, 2024

He explained to one buyer that the malware allowed access to another person’s computer without their knowledge. When informed that the target had significant cryptocurrency and project files, Chakhmakhchyan agreed to sell the Hive RAT. ” reported the DoJ. ” continues DoJ.

Computers and Electronics 109

Computers and Electronics Advertising Cryptocurrency Malware 109

SecureList

MARCH 29, 2023

However, traditional financial threats – such as banking malware and financial phishing, continue to take up a significant share of such financially-motivated cyberattacks. For instance, malicious spam campaigns targeting organizations grew 10-fold in April 2022, spreading Qbot and Emotet malware.

Banking 71

Banking Phishing Cryptocurrency Mobile 71

SecureList

NOVEMBER 22, 2022

As the financial threat landscape has been dramatically evolving over the past few years, with the expansion of such activities as ransomware or cryptofraud, we believe it is no longer sufficient to look at the threats to traditional financial institutions (like banks), but rather assess financial threats as a whole.

Cryptocurrency 87

Cryptocurrency Mobile Ransomware Banking 87

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Ransomware. Password and info stealers.

Cryptocurrency 92

Cryptocurrency Social Engineering Malware Cybercrime 92

SecureList

FEBRUARY 23, 2022

Driven by poverty and unemployment, cybercriminals intensified their malicious activity against bank customers and bank infrastructure. SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4%

Banking 94

Banking Phishing Cryptocurrency Malware 94

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 82

Data breaches Cybercrime Firewall Artificial Intelligence 82

Security Affairs

DECEMBER 20, 2023

The Kingdom Market was established in March 2021, the offer of the dark web marketplace included drugs, malware, stolen data, and forged documents. “To pay, users of the darknet marketplace used the cryptocurrencies Bitcoin, Litecoin, Monero and Zcash. ” reads a press release published by BKA.

Marketing 107

Marketing Cryptocurrency Accountability Banking 107

CyberSecurity Insiders

AUGUST 17, 2022

But now have spread malware in disguise of a PDF file to employees in reputable positions at Coinbase. We already know that North Korea leader Kim Jong Un is fulfilling his nuclear ambitions by stealing currency from banks, stealing cryptocurrency from individual accounts, and raiding crypto exchanges to steal currency.

Social Engineering 117

Social Engineering Cryptocurrency Education Cybercrime 117

Security Affairs

AUGUST 18, 2020

Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities.

Cryptocurrency 104

Cryptocurrency Computers and Electronics Cybercrime Digital transformation 104

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 89

Social Engineering Data breaches Ransomware Cybercrime 89

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. In 2017, U.S. In Kulkov’s case, it no doubt was critical to U.S.

Marketing 235

Marketing Cybercrime Accountability Cryptocurrency 235

Security Affairs

AUGUST 21, 2022

Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. Recently security experts from Sucuri, spotted JavaScript injections targeting WordPress sites to display fake DDoS Protection pages which lead victims to download remote access trojan malware. Pierluigi Paganini.

DDOS 91

DDOS Malware Antivirus Firewall 91

Security Affairs

OCTOBER 23, 2018

A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies. A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies, and implements new features. ” continues CheckPoint.

Marketing 78

Marketing Cybercrime Cryptocurrency Advertising 78

SC Magazine

FEBRUARY 17, 2021

billion in currency and cryptocurrency and further other strategic interests for the North Korean government. The charges captures years-worth of North Korean hacking, including the widely publicized 2014 Sony hack, the 2016 hack of the Central Bank of Bangladesh, the 2017 WannaCry ransomware attack and others.

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 77

Malware Cybercrime Cryptocurrency Social Engineering 77

Security Affairs

OCTOBER 26, 2022

The man is currently being held in the Netherlands, he was charged for his alleged role the international cybercrime operation known as Raccoon Infostealer. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Identity Theft 81

Identity Theft Cryptocurrency Cyber threats Cybercrime 81