SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 80

Phishing Banking Mobile Scams 80

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 83

Data breaches Cybercrime Firewall Artificial Intelligence 83

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 90

Social Engineering Data breaches Ransomware Cybercrime 90

Security Affairs

JANUARY 8, 2023

Experts warn of a new variant of the Dridex banking malware that is targeting systems using the macOS operating system. Trend Micro experts discovered a new variant of the Dridex banking malware that targets the MacOS platform and that used a new technique to deliver documents embedded with malicious macros. doc” command.

Banking 95

Banking Malware Social Engineering Cybercrime 95

Security Affairs

APRIL 25, 2023

North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The trojan can run on both ARM and x86 architectures.

Malware 83

Malware Social Engineering Architecture Education 83

CyberSecurity Insiders

AUGUST 17, 2022

The aim behind the said social engineering attack is simple, one to trap employees with fake job offers and second to lure customers in signing up the page and then steal their currency. But now have spread malware in disguise of a PDF file to employees in reputable positions at Coinbase.

Social Engineering 117

Social Engineering Cryptocurrency Education Cybercrime 117

SecureWorld News

JULY 27, 2023

A new study from Uptycs has uncovered an increase in the distribution of information stealing malware. Some highlights include: Stealers are primarily sold on cybercrime forums. Newly discovered stealer families include modules that specifically steal logs from MFA applications, like the Rhadamanthys malware.

Malware 67

Malware Social Engineering Passwords Spyware 67

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. Upon enabling the macro, the infection process will start. Pierluigi Paganini.

Malware 85

Malware Banking Social Engineering Retail 85

Security Affairs

JANUARY 24, 2022

Experts warn Emotet malware campaign using “unconventional” IP address formats in an attempt to evade detection. Threat actors behind a recent Emotet malware campaign have been observed using using “unconventional” IP address formats to evade detection. ” reported Trend Micro. ” reported Trend Micro.

Malware 127

Malware Social Engineering Ransomware Banking 127

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa.

Cybercrime 80

Cybercrime Scams DDOS Banking 80

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. Cracking down hard on the cybercrime world. We might see certain economies crashing and local currencies plummeting, which would make Bitcoin theft a lot more attractive.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 78

Malware Cybercrime Cryptocurrency Social Engineering 78

Security Affairs

MAY 18, 2022

Data stolen from this kind of malware includes private keys, seed phrases, and wallet addresses, that could be used by threat actors to initiate fraudulent transactions. The increasing popularity of cryptocurrency is attracting cybercrime that is using different means to target the cryptocurrency industry. ClipBanker trojans.

Cryptocurrency 93

Cryptocurrency Social Engineering Malware Cybercrime 93

CyberSecurity Insiders

OCTOBER 14, 2021

This gang of cybercriminals targets individuals within an organization with social engineering tactics designed to fool them into opening a document from a ZIP file attached to an email. How do hackers use social engineering? Social engineering schemes range from covert to obvious. OnePercent Group attacks.

Social Engineering 133

Social Engineering Ransomware Engineering Phishing 133

The Last Watchdog

APRIL 6, 2020

This can make them particularly susceptible to social engineering trickery, the trigger for online extortion and fraud campaigns, Bastable told me. BEC campaigns accounted for an estimated $26 billion in cybercrime-related losses reported to the FBI over a three year period. The total stolen: $2.3 The FBI is investigating.

Scams 147

Scams Social Engineering Ransomware Engineering 147

Krebs on Security

APRIL 30, 2020

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. ” Alex Holden , founder and CTO of Hold Security , agreed.

Cybercrime 308

Cybercrime Computers and Electronics Marketing Scams 308

SecureList

NOVEMBER 22, 2022

As the financial threat landscape has been dramatically evolving over the past few years, with the expansion of such activities as ransomware or cryptofraud, we believe it is no longer sufficient to look at the threats to traditional financial institutions (like banks), but rather assess financial threats as a whole.

Cryptocurrency 87

Cryptocurrency Mobile Ransomware Banking 87

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” reads the post published by Microsoft.

Ransomware 116

Ransomware Cybercrime Social Engineering Banking 116

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. 70% of attacks were on banks. Then, we’ll go over the basic, foundational techniques most scammers find themselves using, such as social engineering and phishing. Social Tactics. In 2021 alone, IC3 received 847,376 complaints which amounted to $6.9

Social Engineering 118

Social Engineering Energy and Utilities Phishing Scams 118

Security Affairs

MARCH 30, 2020

The Zeus Sphinx malware is back, operators are now spreading it exploiting the interest in the Coronavirus outbreak. The Zeus Sphinx malware is back, it was observed in a new wave of attacks attempting to exploit the interest in the Coronavirus outbreak. ” reads the analysis published by IBM Z-Force. ” continues the post.”Next,

Banking 103

Banking Malware Social Engineering Advertising 103

Security Affairs

JULY 11, 2022

Figure 2 presents an example of an SMS sent to Internet end-users during the ANUBIS social engineering wave. The image is related to an ongoing campaign in Portugal impersonating a specific organization to steal banking credentials. Figure 2: Example of SMS sent during the social engineering wave.

Phishing 100

Phishing Social Engineering Banking Engineering 100

Identity IQ

DECEMBER 20, 2023

Businesses faced constant threats with phishing scams , malware , and other tactics. This signals a new era of cybercrime where private data becomes prized currency, putting every email address and credit card number at risk. But the numbers alone tell only part of the story.

Data breaches 72

Data breaches Identity Theft Cybercrime Social Engineering 72

Malwarebytes

FEBRUARY 14, 2023

In a collaborative partnership, officials in the United States and the United Kingdom unmasked and imposed financial sanctions against seven members of the notorious Russian gang TrickBot (alias "TrickLoader"), a mainstream banking Trojan turned malware-as-a-service (MaaS) platform for other criminals. Educate your staff.

Ransomware 64

Ransomware Backups Banking Social Engineering 64

SecureList

SEPTEMBER 28, 2022

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. Active since 2014, in 2016, the group decided to give up ATM malware and focus all of their attacks on PoS systems, targeting the core of the payment industry. It all started with ATMs during a carnival celebration.

Malware 96

Malware Banking Software Encryption 96

Security Affairs

SEPTEMBER 15, 2023

The stolen data also includes driver’s license numbers and/or social security numbers. The intrusion resulted from a social engineering attack on a third-party IT support vendor used by Caesars Entertainment. ” The investigation is still ongoing to determine the extent of security incident.

Social Engineering 112

Social Engineering Ransomware Banking Cyber Attacks 112

SecureList

NOVEMBER 23, 2022

In this research, we analyze various types of threats, such as financial malware and phishing pages mimicking the world’s biggest retail platforms, banking and payment systems, and discuss recent trends. Kaspersky distinguishes several types of financial phishing: banking, payment system, and online store phishing.

Phishing 99

Phishing Banking Scams Retail 99

Identity IQ

MAY 7, 2021

Once they have access to an account with sufficient authority, cybercriminals can use that trusted email address to scam other companies into making fraudulent payments or just distribute malware en mass. Install Anti-Malware Software. Malware is a crucial tool used to carry out account takeover attacks. The Bottom Line.

Accountability 105

Accountability Data breaches Passwords Social Engineering 105

BH Consulting

OCTOBER 6, 2022

Banks and insurance companies are telling customers to be wary of scam messages. Social engineering techniques, such as phishing, target not the systems but the people using them. So with European Cybersecurity Month here, now’s a good time to familiarise ourselves again with a popular cybercrime tactic. A message to you.

Security Awareness 52

Security Awareness Phishing Scams Social Engineering 52

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. Nation-state hacking reduced the use of complex malware and appears to go towards low profile social engineering attacks.

Cyber threats 83

Cyber threats IoT Social Engineering Advertising 83

Identity IQ

FEBRUARY 7, 2023

Phishing is a type of social engineering scam most commonly hidden in a fraudulent email but sometimes via text message, website, or phone call where a criminal posing as a legitimate institution, such as a bank or service, tries to obtain sensitive information from a target victim. What is Phishing? Malicious Web Links.

Phishing 98

Phishing Identity Theft Scams Banking 98

Security Affairs

OCTOBER 20, 2020

Group-IB assisted Paxful, an international peer-to-peer cryptocurrency marketplace, in countering web-bot and social engineering attacks. The combination of advanced anti-fraud technologies and intelligence protects both banking and retail customers. million customers against possible attacks. About Group-IB.

Cryptocurrency 59

Cryptocurrency Social Engineering eCommerce Engineering 59

Security Affairs

OCTOBER 10, 2018

As stated in Group-IB’s annual report “ Hi-Tech Crime Trends 2018 ” presented at the CyberCrimeCon18 conference, every month, 1-2 banks lose money as a result of cyber attacks, and the damage caused by one successful theft is, on average, $2 million. Considering this, banks need to rethink their approach to protection against cyber threats.

Cyber Attacks 83

Cyber Attacks Banking Cyber threats Phishing 83

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Boulevard

FEBRUARY 24, 2021

When the pandemic struck, online bad actors took it as an opportunity to double-down on their attacks through ransomware, malware, and social engineering. Meanwhile, greater reliance on mobile devices for everything from managing our bank accounts to checking credit scores leaves fintech users more at-risk than ever.

Cybersecurity 105

Cybersecurity Artificial Intelligence Risk Cybercrime 105

Security Affairs

NOVEMBER 4, 2019

The City of Ocala in Florida is the last victim in order of time of a profitable business email compromise scam (BEC) attack, fraudsters redirected over $742,000 to a bank account under their control. This phase involves social engineering techniques, OSING, and also malware. ” reported BleepingComputer.

Scams 46

Scams Banking Social Engineering Accountability 46

Security Affairs

SEPTEMBER 2, 2018

Security experts from Kaspersky Lab have uncovered a new spam campaign leveraging the Loki Bot malware to target corporate mailboxes. Loki Bot operators employ various social engineering technique to trick victims into opening weaponized attachments that would deploy the Loki Bot stealer. Securi ty Affairs – Loki Bot, malware).

Social Engineering 55

Social Engineering Cryptocurrency Advertising Malware 55

Security Affairs

MAY 24, 2019

Getting your paycheck deposited directly into your bank account seems like a handy solution but in some cases. Getting your paycheck deposited directly into your bank account seems like a handy solution because you don’t have to pick up the check from your workplace and take it to the bank to deposit it.

Phishing 92

Phishing Accountability Banking Social Engineering 92