Cryptocurrency, Cybercrime, DDOS and Passwords

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Phishing Cryptocurrency DDOS Internet

Hackers breached four prominent underground cybercrime forums

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. usernames, partially obfuscated password hashes, email addresses).

Cybercrime

Cybercrime DDOS Hacking Passwords

Beware bad passwords as attackers co-opt Linux servers into cybercrime

Naked Security

JUNE 21, 2023

Did you prevent password-only logins on your SSH servers? On ALL of them? Are you sure about that?

Passwords

Passwords Cybercrime DDOS Cryptocurrency

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

New evolving Abcbot DDoS botnet targets Linux systems

Security Affairs

NOVEMBER 13, 2021

Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from Qihoo 360’s Netlab security team have spotted a new botnet, tracked as Abcbot, that targets Linux systems to launch distributed denial-of-service (DDoS) attacks. Pierluigi Paganini.

DDOS

DDOS Malware Passwords Cryptocurrency

Fake DDoS protection pages on compromised WordPress sites lead to malware infections

Security Affairs

AUGUST 21, 2022

Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. DDoS Protection pages are associated with browser checks performed by WAF/CDN services which verify if the site visitor is a human or a bot. The file poses as a tool required to bypass the DDoS verification.

DDOS

DDOS Malware Antivirus Firewall

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” ” continues the report.

DDOS

DDOS Digital transformation Malware Advertising

Eternity Project: You can pay $260 for a stealer and $490 for a ransomware

Security Affairs

MAY 15, 2022

Researchers at cybersecurity firm Cyble analyzed a Tor website named named ‘Eternity Project’ that offers for sale a broad range of malware, including stealers, miners, ransomware, and DDoS Bots. Eternity Stealer. Stolen data are exfiltrated via Telegram Bot.

Ransomware

Ransomware DDOS Cybercrime Malware

New shc Linux Malware used to deploy CoinMiner

Security Affairs

JANUARY 4, 2023

Researchers discovered a new Linux malware developed with the shell script compiler ( shc ) that was used to deliver a cryptocurrency miner. The ASEC analysis team recently discovered that a Linux malware developed with shell script compiler ( shc ) that threat actors used to install a CoinMiner. ” reads the report published by ASEC.

Malware

Malware DDOS Cryptocurrency Firewall

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

Security Affairs

MAY 20, 2020

The man is known in the cybercrime underground for selling billions of stolen credentials. Early last year, it caught the attention of global cybersecurity experts by posting on one of the forums the sale of a database with 773 million e-mail addresses and 21 million unique passwords.”

Cybercrime

Cybercrime Passwords Advertising Hacking

LilithBot Malware, a new MaaS offered by the Eternity Group

Security Affairs

OCTOBER 6, 2022

In May, researchers at cybersecurity firm Cyble analyzed a Tor website named named ‘Eternity Project’ that offers for sale a broad range of malware, including stealers, miners, ransomware, and DDoS Bots. The operators behind the project allow their customers to customize the binary features through the Telegram channel.

Malware

Malware DDOS Ransomware Cryptocurrency

Clouding the issue: what cloud threats lie in wait in 2022?

Malwarebytes

MARCH 17, 2022

Cryptocurrency wallet attacks. People new to cryptocurrency often gravitate to services which take the hassle out of setting everything up. Some folks may feel the above process isn’t as secure as storing their cryptocurrency on standalone devices. Below, we dig into a few of those. Ransomware supply chain triple-threat.

Cryptocurrency

Cryptocurrency Backups Phishing Password Management

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. used the password 225948. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc.

Ransomware

Ransomware Cybercrime Accountability Malware

Security Affairs newsletter Round 341

Security Affairs

NOVEMBER 20, 2021

U.S. (..)

Banking

Banking Small Business Data breaches Firmware

DDoS attacks in Q4 2021

SecureList

FEBRUARY 10, 2022

Q4 2021 saw the appearance of several new DDoS botnets. A zombie network, named Abcbot by researchers, first hit the radar in July, but at the time it was little more than a simple scanner attacking Linux systems by brute-forcing weak passwords and exploiting known vulnerabilities.

DDOS

DDOS Cryptocurrency Marketing Accountability

Your Small Business Cybersecurity Guide to the Most Common Cyberthreats

SiteLock

AUGUST 27, 2021

This makes stealthy attacks incredibly popular in the cybercrime community. Cybercriminals conducting DDoS attacks deploy a network of hacked machines called a “botnet” to flood servers with traffic they can’t handle. Even when a DDoS attack doesn’t take a site completely offline, it usually slows it enough to make it unusable.

Small Business

Small Business Cybersecurity Phishing DDOS

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

APRIL 28, 2020

The first version spotted by TrendMicro includes a DDoS script that could be used by botmaster to set-up DDoS for-hire service offered on the dark web. Based on our findings, there are some similarities in both techniques and architectures with another cybercrime group, which appeared in the wild around 2012, most probably Romanian.

Architecture

Architecture Malware Hacking DDOS

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

That reporting was based on clues from an early Russian cybercrime forum in which a hacker named Rescator — using the same profile image that Rescator was known to use on other forums — claimed to have originally been known as “Helkern,” the nickname chosen by the administrator of a cybercrime forum called Darklife.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 27, 2023

million in critical infrastructure cyber projects via new program Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability Defense contractor Belcan leaks admin password with a list of flaws Leaseweb is restoring ‘critical’ systems after security breach Microsoft is now a cybersecurity titan.

Cybercrime

Cybercrime Hacking Cryptocurrency Ransomware

APT trends report Q1 2022

SecureList

APRIL 27, 2022

Subsequently, DDoS attacks hit several government websites. This application contains a legitimate program called DeFi Wallet, that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed. We recently discovered a Trojanized DeFi application, compiled in November 2021.

Malware

Malware Firmware Government Phishing

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

For example, once it infects your device, a keylogger will start tracking every keystroke you make and sending a log of those keystrokes to the hacker, allowing them to reconstruct any sensitive information you might have entered after infection, such as your PIN, password, or social security number.

Malware

Malware Adware Spyware Antivirus

Security Affairs newsletter Round 339

Security Affairs

NOVEMBER 7, 2021

Casinos of tribal communities are losing millions in Ransomware attacks Threat actors stole $55 million worth of cryptocurrency from bZx DeFi platform Philips Tasy EMR healthcare infomatics solution vulnerable to SQL injection White hat hackers earn over $1 Million at Pwn2Own Austin 2021 A drone was modified to disrupt U.S. Operators made $2.1

Data breaches

Data breaches Cryptocurrency Ransomware Hacking

The dark web index 2021, report

Security Affairs

JUNE 4, 2021

Cryptocurrencies are represented in hacked accounts to trading sites. And there are even more specialized products such as DDoS attacks, email databases, and malware. Monero is the cryptocurrency of choice, instead, and all communications must be PGP encrypted. Cryptocurrency trading accounts. DDoS Attacks.

Accountability

Accountability Marketing Hacking Cryptocurrency

The History of Computer Viruses & Malware

eSecurity Planet

NOVEMBER 2, 2022

The document contained a list of pornographic sites, along with passwords for access to said sites and would then spread itself and its NSFW content by emailing the first 50 people in the victim’s contact list. In July 2001, the Code Red Worm attempted to subject the entire Internet to a distributed denial of service (DDoS) attack.

Malware

Malware Ransomware Antivirus Internet

ChatGPT: Cybersecurity friend or foe?

Malwarebytes

MAY 21, 2023

ChatGPT can be trained to identify and mitigate network security threats like DDoS attacks when used in conjunction with other technologies. Researchers also discovered cybercriminals exchanging ideas about how to create dark web marketplaces using ChatGPT that sell stolen credentials, malware, or even drugs in exchange for cryptocurrency.

Cybersecurity

Cybersecurity Artificial Intelligence Social Engineering Engineering

Cyber Security Informer

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Hackers breached four prominent underground cybercrime forums

Webinars

Trending Sources

Beware bad passwords as attackers co-opt Linux servers into cybercrime

Webinars

New evolving Abcbot DDoS botnet targets Linux systems

Fake DDoS protection pages on compromised WordPress sites lead to malware infections

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Eternity Project: You can pay $260 for a stealer and $490 for a ransomware

New shc Linux Malware used to deploy CoinMiner

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

LilithBot Malware, a new MaaS offered by the Eternity Group

Clouding the issue: what cloud threats lie in wait in 2022?

How Did Authorities Identify the Alleged Lockbit Boss?

Security Affairs newsletter Round 341

DDoS attacks in Q4 2021

Your Small Business Cybersecurity Guide to the Most Common Cyberthreats

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Ten Years Later, New Clues in the Target Breach

Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

APT trends report Q1 2022

What is Malware? Definition, Purpose & Common Protections

Security Affairs newsletter Round 339

The dark web index 2021, report

The History of Computer Viruses & Malware

ChatGPT: Cybersecurity friend or foe?

Stay Connected