Security Affairs

MAY 28, 2023

Bandit Stealer is a new stealthy information stealer malware that targets numerous web browsers and cryptocurrency wallets. Trend Micro researchers discovered a new info-stealing malware, dubbed Bandit Stealer, which is written in the Go language and targets multiple browsers and cryptocurrency wallets.

Cryptocurrency 95

Cryptocurrency Malware Advertising Phishing 95

Malwarebytes

DECEMBER 5, 2022

Now, researchers at Volexity have analyzed a new campaign that is likely targeting cryptocurrency users and organizations with a variant of the AppleJeus malware by using malicious Microsoft Office documents. One of the group's preferred tactics is to use trojanized cryptocurrency related apps, like AppleJeus. Lazarus Group.

Cryptocurrency 79

Cryptocurrency Malware Scams Cybercrime 79

Security Affairs

APRIL 15, 2022

The cybercrime gang has been active since at least January 2020. The malware is also able to steal details from cryptocurrency wallets and load additional malware to conduct malicious operations. “It features the ability to steal sensitive information from victims and can download additional malware to infected systems. .””

Cybercrime 86

Cybercrime Malware Cryptocurrency Hacking 86

Security Affairs

SEPTEMBER 9, 2021

In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware. Experts pointed out that even if the group is expanding its arsenal adding new capabilities, it still focuses on cryptocurrency mining. ” reads the analysis published by AT&T. Pierluigi Paganini.

Cybercrime 93

Cybercrime Cryptocurrency Penetration Testing Malware 93

CSO Magazine

APRIL 18, 2023

The Aurora infostealer is written in Go and is operated as a malware-as-a-service platform that's advertised on Russian-language cybercrime forums.

Malware 120

Malware Cryptocurrency Cybercrime Advertising 120

Malwarebytes

APRIL 19, 2022

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020.

Social Engineering 114

Social Engineering Cryptocurrency Computers and Electronics Engineering 114

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Conclusion: cybersecurity and cybercrime have matured.

Cybercrime 142

Cybercrime Banking Malware Ransomware 142

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. 12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance. 9, 2024, U.S.

Social Engineering 326

Social Engineering Mobile Cybercrime Passwords 326

Security Affairs

FEBRUARY 24, 2020

The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients). And this goes beyond usernames and passwords to information that can get them immediate financial gain like credit card information and cryptocurrency wallets.”

Cybercrime 90

Cybercrime Malware Cryptocurrency Advertising 90

SecureList

MAY 6, 2024

Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.

Phishing 109

Phishing Banking Mobile Scams 109

SecureWorld News

JULY 19, 2022

Stay away from cryptocurrencies—for now. It says these fraudsters are "claiming to offer legitimate cryptocurrency investment services, and convincing investors to download fraudulent mobile apps, which the cyber criminals have used with increasing success over time to defraud the investors of their cryptocurrency.".

Cryptocurrency 77

Cryptocurrency Scams Cybercrime Accountability 77

Security Affairs

JUNE 3, 2022

The bot focuses on cryptocurrency mining and cryptocurrency theft via clipboard hijacking. Clipminer was first spotted in early 2021, it likely spread via Trojanized downloads of cracked or pirated software. Then the downloader connects to the Tor network to download the components of the Clipminer.

Cryptocurrency 137

Cryptocurrency Malware Hacking Software 137

Malwarebytes

SEPTEMBER 11, 2023

The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. A cybercriminal who goes by the handle RastaFarEye has been advertising DarkGate Loader on cybercrime forums since June 16, 2023. When the user opens the downloaded MSI file, the DarkGate infection is triggered.

Malware 111

Malware Social Engineering Cryptocurrency Cybercrime 111

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Researchers at AT&T Alien Labs say the crooks responsible for maintaining the QakBot botnet have rented their creation to various cybercrime groups over the years.

Hacking 262

Hacking Malware Ransomware Government 262

Security Affairs

APRIL 28, 2023

The malware allows operators to steal login credentials from popular services such as social media platforms and cryptocurrency wallets, then stolen data is sold on cybercrime forums by the operators. CryptBot distributors spread the malware through modified versions of legitimate software such as Google Earth Pro and Google Chrome.

Malware 93

Malware Cybercrime Cryptocurrency Media 93

Security Affairs

DECEMBER 12, 2022

Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers discovered a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). Download files. Upload files. Open a URL.

Malware 99

Malware Cryptocurrency Hacking Software 99

Security Affairs

NOVEMBER 26, 2021

Morphisec researchers spread cryptocurrency malware dubbed Babadeda in attacks aimed at crypto and NFT communities. Morphisec researchers spotted a new crypto-malware strain, tracked as Babadeda, targeting cryptocurrency, non-fungible token (NFT), and DeFi passionates through Discord channels. ” concludes the report.

Cryptocurrency 123

Cryptocurrency Malware Antivirus Phishing 123

Krebs on Security

MARCH 28, 2021

“web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers. But Watson said they don’t know how many of those systems also ran the secondary download from the rogue Krebsonsecurity domain. Just my Social Security number. I’d been doxed via DNS.

Hacking 357

Hacking Cybercrime DNS Antivirus 357

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. Cracking down hard on the cybercrime world.

Cryptocurrency 121

Cryptocurrency Banking Cybercrime Ransomware 121

Security Affairs

AUGUST 1, 2023

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. The malicious code was designed to take over Facebook business accounts and steal funds from cryptocurrency wallets. ” reads the analysis published by Palo Alto Networks.

Accountability 89

Accountability Cryptocurrency Malware Phishing 89

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.

Data breaches 269

Data breaches Banking Cybercrime Marketing 269

Security Affairs

JUNE 5, 2019

A new piece of malware appeared in the threat landscape, dubbed BlackSquid it targets web servers with several exploits to deliver cryptocurrency miners. “Simultaneous with its attacks, BlackSquid also downloads and executes two XMRig cryptocurrency-mining components.! continues the analysis. Pierluigi Paganini.

Cryptocurrency 63

Cryptocurrency Malware Advertising Hacking 63

Security Affairs

JANUARY 4, 2024

Researchers discovered three malicious packages in the PyPI repository targeting Linux systems with a cryptocurrency miner. The malicious packages totaled more than 400 downloads before they were removed from the repository. This file outlines the cryptocurrency mining setting.

Cryptocurrency 116

Cryptocurrency Accountability Malware Hacking 116

SecureWorld News

JULY 11, 2022

Axie Infinity, a video game that utilizes NFTs and Ethereum-based cryptocurrencies, lost $540 million in March of this year after a senior engineer was tricked into opening a PDF of a fake job application, according to a story from The Block. So, what exactly happened with Axie Infinity?

Social Engineering 75

Social Engineering Hacking Cryptocurrency Engineering 75

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. The researchers noticed that the downloaded package file is replaced with a malware-laced one on the wire because the process doesn’t use an HTTPS connection.

Antivirus 101

Antivirus Malware DNS Cryptocurrency 101

Security Affairs

AUGUST 27, 2020

According to Microsoft, the new piece of malware uses code forked from Loki malware to steal system info, credentials, credit card details, cryptocurrency wallets. Anubis is deployed in what appears to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers.

Malware 127

Malware Advertising Cryptocurrency Cybercrime 127

SecureList

NOVEMBER 10, 2022

Cryptocurrency prices were dropping from the end of 2021 and throughout the first half of 2022. Apart from cryptocurrency theft they extort digital money or illicitly mine it using victim’s devices instead of their own. Cryptocurrency mining is a painstaking and costly process, and not as rewarding as when the prices were high.

Cryptocurrency 120

Cryptocurrency Malware Software Ransomware 120

Security Affairs

MAY 1, 2023

While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505. The command downloads the DLL (LOBSHOT malware) from download-cdn[.]com, com, which is a domain associated with the operations of the TA505 cybercrime gang.

Malware 89

Malware Cybercrime Banking Software 89

SecureList

NOVEMBER 22, 2022

Cryptocurrency targeted attacks. The cryptocurrency business continues to grow, and people continue to invest their money in this market because it’s a digital asset and all transactions occur online. These are attractive aspects that cybercrime groups will be unable to resist. million downloads.

Cryptocurrency 96

Cryptocurrency Mobile Ransomware Banking 96

Security Affairs

JANUARY 4, 2023

Researchers discovered a new Linux malware developed with the shell script compiler ( shc ) that was used to deliver a cryptocurrency miner. It downloads and runs files from external sources, and based on the fact that XMRig CoinMiner is downloaded and installed from the currently available address, it is assumed to be a CoinMiner downloader.”

Malware 95

Malware DDOS Cryptocurrency Firewall 95

SecureList

NOVEMBER 21, 2023

We highlighted the growing popularity of cryptocurrencies and anticipated an increase in crypto scams. It correctly pointed out that attackers were paying more attention to downloaders and droppers to evade detection. The usage of cryptocurrencies combined with the usage of mixer systems was the method of choice for major RaaS groups.

Penetration Testing 128

Penetration Testing Banking Ransomware Mobile 128

Malwarebytes

JANUARY 20, 2023

The US Department of Justice (DOJ) has released information about the arrest of Anatoly Legkodymov, the founder and majority owner of a cryptocurrency exchange called Bitzlato, on money laundering charges. Keep threats off your devices by downloading Malwarebytes today. Polite, Jr.

Ransomware 84

Ransomware Cryptocurrency Accountability Cybercrime 84

Security Affairs

APRIL 13, 2024

The recent malware campaign involves a large, padded executable file that shares similarities with the “Keyzetsu clipper” malware, targeting cryptocurrency wallets. On April 3rd, the attacker updated the code in one of their repositories, linking to a new URL that downloads a different encrypted.7z

Malware 122

Malware Cryptocurrency Encryption Hacking 122

Security Affairs

MARCH 28, 2019

Security experts at Group-IB have detected the activity of Gustuff a mobile Android Trojan, which includes potential targets of customers in leading international banks, users of cryptocurrency services, popular ecommerce websites and marketplaces. Gustuff has previously never been reported. Pierluigi Paganini.

Banking 90

Banking Cryptocurrency Mobile Advertising 90

SC Magazine

FEBRUARY 17, 2021

billion in currency and cryptocurrency and further other strategic interests for the North Korean government. billion in funds from banks across four continents since 2018 through cryptocurrency heists, ATM cash outs and developed new forms of malware. Law enforcement officials said the group has also targeted more than $1.2

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Security Affairs

JANUARY 28, 2021

The TeamTNT cybercrime group has improved its Linux cryptocurrency miner by implementing open-source detection evasion capabilities. The TeamTNT cybercrime group has upgraded their Linux cryptocurrency miner by adding open-source detection evasion capabilities, AT&T Alien Labs researchers warn.

Cryptocurrency 121

Cryptocurrency Cybercrime DNS Malware 121

SecureList

OCTOBER 24, 2023

If all is good (from the attacker point of view), a fake WhatsApp download page is shown and the user is tricked into downloading the malware. Again, something interesting happens, as there are two URLs the malware can be downloaded from. Which URL is used depends on whether port 27275 is open on the user machine.

Ransomware 107

Ransomware Malware Advertising Passwords 107