Malwarebytes

MARCH 1, 2024

Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. In reality the link runs a script to install Mac malware on the target’s machine. “AppleScript has been used against Mac users with moderate frequency by malware creators over the years.

Cryptocurrency 98

Cryptocurrency Malware Authentication Banking 98

Hacker Combat

AUGUST 8, 2022

North Korean hackers use phoney Coinbase job offers to target cryptocurrency professionals. The renowned North Korean hacking outfit Lazarus has uncovered a new social engineering scheme in which the hackers pose as Coinbase to lure workers into the fintech sector. Lazarus hackers go after cryptocurrency.

Social Engineering 93

Social Engineering Cryptocurrency Engineering Malware 93

CyberSecurity Insiders

AUGUST 17, 2022

The aim behind the said social engineering attack is simple, one to trap employees with fake job offers and second to lure customers in signing up the page and then steal their currency. But now have spread malware in disguise of a PDF file to employees in reputable positions at Coinbase.

Social Engineering 117

Social Engineering Cryptocurrency Education Cybercrime 117

Security Affairs

MAY 18, 2022

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Ransomware. Password and info stealers.

Cryptocurrency 92

Cryptocurrency Social Engineering Malware Cybercrime 92

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 281

Malware Software Technology Accountability 281

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 89

Social Engineering Data breaches Ransomware Cybercrime 89

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers.

Mobile 132

Mobile Malware Adware Banking 132

SecureList

NOVEMBER 23, 2021

We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. Currently, at a value of approximately $60,000, cybercriminals have adapted their malware to monitor the operating system’s clipboard and redirect funds to addresses under their control. MageCart attacks moving to the server side.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

SecureList

NOVEMBER 22, 2022

As the financial threat landscape has been dramatically evolving over the past few years, with the expansion of such activities as ransomware or cryptofraud, we believe it is no longer sufficient to look at the threats to traditional financial institutions (like banks), but rather assess financial threats as a whole.

Cryptocurrency 87

Cryptocurrency Mobile Ransomware Banking 87

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 82

Data breaches Cybercrime Firewall Artificial Intelligence 82

Appknox

JUNE 23, 2022

Anti-virus giant, Kaspersky, blocked 6,463,414 mobile malware, adware, and risk-ware attacks. Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. How Can Social Engineering Affect the Current State of Security in Australia?

Social Engineering 92

Social Engineering Mobile Scams Engineering 92

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 77

Malware Cybercrime Cryptocurrency Social Engineering 77

Malwarebytes

MARCH 1, 2023

One major advantage for the malware distributors behind the exploit kit is that the outdated browser has reached end-of-life (EOL), which means it no longer receives security updates and patches against known threats. .” It all depends on which cybercriminals pay the RIG EK administrator to install their malware on victim machines.

Internet 91

Internet Internet Social Engineering Malware 91

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. The combination of advanced anti-fraud technologies and intelligence protects both banking and retail customers. About Group-IB.

Cryptocurrency 59

Cryptocurrency Social Engineering eCommerce Engineering 59

SecureWorld News

AUGUST 2, 2021

Robinhood is an increasingly popular trading app where you can buy and sell stocks, as well as cryptocurrency. Phishing attempts come via email where scammers use different social engineering tactics to pose as a reputable sender like the IRS, your bank or brokerage firm. Be especially wary of.zip,exe,doc files.

Phishing 88

Phishing Social Engineering Scams Identity Theft 88

eSecurity Planet

SEPTEMBER 30, 2021

However, researchers at threat intelligence firm Intel 471 in a report this week said they have seen a rise in these services, enabling attackers to target everything from bank accounts to social media platforms. So far, Intel 471 researchers found accounts illegally accessed at eight Canadian-based banks.

Authentication 107

Authentication Social Engineering Phishing Banking 107

eSecurity Planet

SEPTEMBER 14, 2022

As a matter of fact, the most-reported crime in the 2021 Internet Crime Report report was phishing , a social engineering scam wherein the victim receives a deceptive message from someone in an attempt to get the victim to reveal personal information or account credentials or to trick them into downloading malware.

Social Engineering 118

Social Engineering Energy and Utilities Phishing Scams 118

Malwarebytes

APRIL 11, 2023

In a recent tweet , the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or computer.

Mobile 98

Mobile Banking Malware Spyware 98

Security Affairs

SEPTEMBER 2, 2018

Security experts from Kaspersky Lab have uncovered a new spam campaign leveraging the Loki Bot malware to target corporate mailboxes. The Loki Bot attacks started in July and aimed at stealing passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets. Securi ty Affairs – Loki Bot, malware).

Social Engineering 54

Social Engineering Cryptocurrency Advertising Malware 54

Security Boulevard

AUGUST 23, 2022

The malware, Interception.dll, is designed to execute by loading three files: a decoy PDF document and two executables FinderFontsUpdater.app and safarifontagent, according to a series of tweets by ESET Research. Compiled for M1 processor-based Macs and Intel silicon, the malware was uploaded to VirusTotal from Brazil, ESET said.

Cyber threats 52

Cyber threats Social Engineering Banking Malware 52

Hot for Security

MARCH 2, 2021

By applying high-pressure tactics and the promise of expedited payments, scammers have managed to dupe recipients into providing their personal information and bank account numbers or paying a small “processing fees.” IRS and Bank-related scams. Billions of unsolicited emails are sent to inboxes every day.

Scams 116

Scams Identity Theft Banking Phishing 116

Security Affairs

JULY 19, 2019

He is suspected of large-scale production and selling of malware.” “The young man offered programs with names like Rubella, Cetan and Dryad, enabling the buyer to include secret code or malware in amongst others Word or Excel files.” ” reads the announcement.

Malware 70

Malware Social Engineering Advertising Antivirus 70

Security Affairs

NOVEMBER 19, 2019

The report’s findings reveal that email remains the main method of delivering ransomware, banking Trojans, and backdoors. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. Another trend was disguising malware in emails.

Ransomware 71

Ransomware Antivirus Malware Banking 71

Security Affairs

OCTOBER 10, 2018

As stated in Group-IB’s annual report “ Hi-Tech Crime Trends 2018 ” presented at the CyberCrimeCon18 conference, every month, 1-2 banks lose money as a result of cyber attacks, and the damage caused by one successful theft is, on average, $2 million. Considering this, banks need to rethink their approach to protection against cyber threats.

Cyber Attacks 83

Cyber Attacks Banking Cyber threats Phishing 83

Identity IQ

FEBRUARY 8, 2024

Transactions on the dark web are typically conducted using cryptocurrencies such as Bitcoin to maintain anonymity. The deep web is also made up of content that is not indexed by search engines and requires a login to access. The dark web is similar in that it can’t be found by search engines, but that is where the similarities end.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

SecureList

SEPTEMBER 6, 2022

In this report, we provide the latest statistics on cyberthreats to gamers, as well as detailed information on the most widespread and dangerous types of malware that players must be aware of. TOP 5 mobile games used as a lure for distribution of malware and unwanted software, by users, from July 1, 2021 through June, 30 2022.

Mobile 96

Mobile Passwords Software Accountability 96

SecureList

FEBRUARY 16, 2023

If the movie lover entered their bank card details on the fake site, they risked paying more than the displayed amount for content that did not exist and sharing their card details with the scammers. Soccer fans chasing merchandise risked compromising their bank cards or just losing some money.

Phishing 90

Phishing Scams Accountability Energy and Utilities 90

Webroot

FEBRUARY 11, 2021

As we mentioned in a previous blog , hackers come in many forms, but their methods can generally be classified into three distinct types of cybercriminals: The Impersonator – Hackers that pretend to be others, often using social engineering and human psychology to trick users.

Scams 108

Scams Phishing Firewall Social Engineering 108

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware 105

Malware Adware Spyware Antivirus 105

SecureList

JULY 11, 2022

E-mail scammers typically combine social engineering with technical skills to bypass spam filters and persuade the recipient to reply. Blackmail scams really came into their own with the popularization of cryptocurrencies: the blockchain’s anonymity eliminates the need for complex money-laundering chains.

Scams 98

Scams Accountability Banking Phishing 98

SecureWorld News

SEPTEMBER 27, 2020

When the malware is deployed there is also information provided on how to contact (the crime gang) to pay the fee that they are looking for and receive the key to unencrypt the data. This last point about lawyers and cryptocurrency hits home and bothers me the most. How do you gain their trust? From: Art To: Bob, David, John, Shane.

Ransomware 65

Ransomware Cryptocurrency Computers and Electronics Banking 65

Spinone

NOVEMBER 1, 2019

DLP is included in the organization policy, but individuals must also use this strategy to keep all data safe during ransomware or malware attack. Malware and Ransomware Adware – Software that automatically displays or downloads material when a user is offline. Some companies detect data leaks after months or even years.

Passwords 40

Passwords Social Engineering Malware Encryption 40

SecureList

AUGUST 23, 2021

We examined malware and unwanted software disguised as popular PC and mobile games. We also looked in greater detail at some of the strains of malware being distributed and the dangers they pose for users. Gathering secrets from browsers, crypto wallets and other applications, this malware affected users in forty-five countries.

Adware 112

Adware Mobile Phishing Malware 112

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers.

Cryptocurrency 233

Cryptocurrency Cybercrime Computers and Electronics Scams 233

Security Affairs

JANUARY 27, 2022

Other affected businesses include Chip, a UK-based savings app boasting 400,000 users; Hoolah, a shopping app with over 100,000 installs ; Mode, a cryptocurrency app with over 50,000 installs ; and Greenwheels, a car-sharing service with over 50,000 installs. Threat actors can abuse PII to conduct phishing and social engineering attacks.

Identity Theft 86

Identity Theft Accountability Data breaches Social Engineering 86

SecureList

JUNE 7, 2023

Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff , a financially motivated threat actor known for stealing cryptocurrency. However, recently the group has adopted new methods to deliver its malware. You can find the details here.

DNS 100

DNS Malware Cryptocurrency Retail 100

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware 107

Malware Computers and Electronics Adware Spyware 107