Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 124

Cryptocurrency Cybercrime Media Government 124

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Alla Witte’s personal website — allawitte[.]nl

Cybercrime 305

Cybercrime Ransomware Passwords Banking 305

Security Boulevard

FEBRUARY 24, 2021

In mid-February 2021, the Department of Justice shared the content of what had been a sealed indictment charging three North Korean (DPRK) hacking “operatives” with a plethora of cybercrimes, including “cyber heists and extortion schemes, targeting both traditional and cryptocurrencies.” Assistant Attorney General John C.

Cybercrime 136

Cybercrime Hacking Cryptocurrency Ransomware 136

CSO Magazine

APRIL 18, 2023

Security researchers warn of a new malware loader that's used as part of the infection chain for the Aurora information stealer. The Aurora infostealer is written in Go and is operated as a malware-as-a-service platform that's advertised on Russian-language cybercrime forums.

Malware 120

Malware Cryptocurrency Cybercrime Advertising 120

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. Merely checking for known vulnerabilities is insufficient.

Malware 112

Malware Cryptocurrency Encryption Hacking 112

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 104

Malware Cryptocurrency Accountability Cybercrime 104

Security Affairs

MAY 28, 2023

Bandit Stealer is a new stealthy information stealer malware that targets numerous web browsers and cryptocurrency wallets. Trend Micro researchers discovered a new info-stealing malware, dubbed Bandit Stealer, which is written in the Go language and targets multiple browsers and cryptocurrency wallets.

Cryptocurrency 94

Cryptocurrency Malware Advertising Phishing 94

eSecurity Planet

DECEMBER 21, 2021

Cryptocurrency Fuels Ransomware. One constant in all this will be cryptocurrency, the coin of the realm when it comes to ransomware. Cryptocurrency really is fueling this in a sense. … If you were to take cryptocurrency away from that, they don’t have a convenient digital platform.

Cryptocurrency 140

Cryptocurrency Ransomware Cybercrime Social Engineering 140

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 97

Antivirus Malware DNS Cryptocurrency 97

Threatpost

SEPTEMBER 9, 2021

John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency.

Cryptocurrency 111

Cryptocurrency Cybercrime InfoSec Mobile 111

Security Affairs

FEBRUARY 24, 2023

Researchers warn of an evasive cryptojacking malware targeting macOS which spreads through pirated applications Jamf Threat Labs researchers reported that an evasive cryptojacking malware targeting macOS was spotted spreading under the guise of the Apple-developed video editing software, Final Cut Pro. ” concludes the report.

Cryptocurrency 91

Cryptocurrency Malware Software Passwords 91

Heimadal Security

FEBRUARY 2, 2023

1,894 web injects (overlays of phishing windows) are for sale on Russian cybercrime forums. The phishing windows are meant to steal credentials from banking, cryptocurrency exchange, and e-commerce apps imitating widely-used software, and they are compatible with various Android banking malware.

Cybercrime 68

Cybercrime Banking Cryptocurrency Phishing 68

Graham Cluley

MARCH 7, 2024

If you have been optimistically daydreaming that losses attributed to cybercrime might have reduced in the last year, it's time to wake up. The FBI's latest annual Internet Crime Complaint Center (IC3) report has just been published, and makes for some grim reading. Read more in my article on the Tripwire State of Security blog.

Cybercrime 110

Cybercrime Internet Internet Scams 110

SecureList

JUNE 12, 2023

Introduction Stealing cryptocurrencies is nothing new. Since then, stealing cryptocurrencies has continued to occupy cybercriminals. One of the latest additions to this phenomenon is the multi-stage DoubleFinger loader delivering a cryptocurrency stealer. For example, the Mt. recovery phrases).

Cryptocurrency 79

Cryptocurrency Encryption Malware Ransomware 79

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. WeSteal is a Python-based malware that uses regular expressions to search for strings related to wallet addresses that victims have copied to their clipboard. There is the name of the malware itself.

Cryptocurrency 106

Cryptocurrency Malware Advertising System Administration 106

Security Affairs

NOVEMBER 1, 2021

Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 The following graph shows that the cryptocurrency peaked at a price of $2,861 before dropping to $0 around. ” reported GixModo.

Cryptocurrency 116

Cryptocurrency Scams Cybercrime Advertising 116

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime 87

Cybercrime Malware Cryptocurrency Advertising 87

Security Affairs

APRIL 15, 2022

The cybercrime gang has been active since at least January 2020. The malware is also able to steal details from cryptocurrency wallets and load additional malware to conduct malicious operations. ZingoStealer uses Telegram chat features to exfiltrate data and distribute malware updates and components.

Cybercrime 85

Cybercrime Malware Cryptocurrency Hacking 85

Security Affairs

MARCH 1, 2023

Experts warn of a new wave of attacks against cryptocurrency entities, threat actors are using a RAT dubbed Parallax RAT for Infiltration. Researchers from cybersecurity firm Uptycs warns of attacks targeting cryptocurrency organizations with the Parallax remote access Trojan (RAT).

Cryptocurrency 87

Cryptocurrency Malware Phishing Hacking 87

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. The hack of the Maza cybercrime forum was also reported by researchers at Flashpoint.

Cybercrime 145

Cybercrime DDOS Hacking Passwords 145

The Hacker News

MARCH 23, 2022

Vulnerable routers from MikroTik have been misused to form what cybersecurity researchers have called one of the largest botnet-as-a-service cybercrime operations seen in recent years.

Malware 103

Malware Cryptocurrency Cybercrime Cybersecurity 103

Security Affairs

MARCH 6, 2024

A new Linux malware campaign campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances.

Malware 138

Malware Cryptocurrency Engineering Internet 138

Security Affairs

JANUARY 12, 2022

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. SecurityAffairs – hacking, RedLine malware). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware 132

Malware Manufacturing Cryptocurrency Cybercrime 132

Security Affairs

SEPTEMBER 9, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware. ” reads the analysis published by AT&T. Pierluigi Paganini.

Cybercrime 90

Cybercrime Cryptocurrency Penetration Testing Malware 90

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers.

Cryptocurrency 90

Cryptocurrency Malware Ransomware Cybercrime 90

Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency 101

Cryptocurrency Phishing Accountability Passwords 101

Malwarebytes

SEPTEMBER 11, 2023

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. Until now, DarkGate was typically distributed via phishing emails.

Malware 116

Malware Social Engineering Cryptocurrency Cybercrime 116

Security Affairs

DECEMBER 12, 2022

Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers discovered a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). Download files. Restart the PC.

Malware 99

Malware Cryptocurrency Hacking Software 99

Security Affairs

NOVEMBER 8, 2022

Researchers observed a SmokeLoader campaign that is distributing a new clipper malware dubbed Laplas Clipper that targets cryptocurrency users. Cyble researchers uncovered a SmokeLoader campaign that is distributing community malware, such as SystemBC and Raccoon Stealer 2.0 , along with a new clipper malware tracked as Laplas.

Malware 93

Malware Cryptocurrency Hacking Cybercrime 93

Security Affairs

JUNE 25, 2023

Researchers observed threat actors spreading a trojanized Super Mario Bros game installer to deliver multiple malware. The researchers pointed out that attackers target gamers because they often use powerful hardware for gaming, which is excellent for mining cryptocurrencies. stream” to carry out cryptocurrency mining activities.”

Malware 96

Malware Cryptocurrency Passwords Hacking 96

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. Source: Reliaquest.com.

Hacking 246

Hacking Malware Ransomware Government 246

Malwarebytes

SEPTEMBER 18, 2023

In a public announcement , Free Download Manager has acknowledged that a specific web page on its site was compromised by a Ukrainian cybercrime group, exploiting it to distribute malware. All the Free Download Manager users who downloaded FDM for Linux between 2020 and 2022 should scan their computers for malware.

Malware 114

Malware Cryptocurrency Cybercrime Software 114

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 88

Malware Cybercrime Banking Software 88

Threatpost

SEPTEMBER 16, 2021

John Hammond, security researcher with Huntress, discusses a wallet-hijacking RAT, and how law enforcement recovered millions in Bitcoin after the Colonial Pipeline attack.

Cryptocurrency 87

Cryptocurrency Cybercrime InfoSec Malware 87

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Malware developers — no longer hiring.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware 125

Malware Advertising Cryptocurrency Cybercrime 125

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98