Malwarebytes

MARCH 18, 2025

We were alerted to Mac and Windows stealers currently distributed via Reddit posts targeting users engaging in cryptocurrency trading. These two malware families have wreaked havoc, pillaging victims’ personal data and enabling their distributors to make substantial gains, mostly by taking over cryptocurrency wallets.

Cryptocurrency 111

Cryptocurrency Malware Scams Antivirus 111

SecureList

OCTOBER 21, 2024

Kral In mid-2023, we discovered the Kral downloader which, back then, downloaded the notorious Aurora stealer. This changed in February this year when we discovered a new Kral stealer, which we believe is part of the same malware family as the downloader due to certain code similarities. That file is the Kral downloader.

Passwords 123

Passwords Malware Encryption Cryptocurrency 123

SecureList

OCTOBER 29, 2024

Inside this content is an obfuscated PowerShell script that ultimately downloads the malicious payload. Payload: Lumma stealer Initially, the malicious PowerShell script downloaded and executed an archive with the Lumma stealer. One of the modules can also take screenshots.

Adware 124

Adware Malware Cryptocurrency Data collection 124

SecureList

APRIL 8, 2025

Instead of the description copied from GitHub, the visitor is presented with an imposing list of office applications complete with version numbers and “Download” buttons. io/download. Page for downloading the suspicious archive Clicking that button finally downloads a roughly seven-megabyte archive named vinstaller.zip.

Passwords 82

Passwords Cryptocurrency Antivirus Software 82

eSecurity Planet

OCTOBER 22, 2024

By pasting the code into the Windows Command Prompt, you unknowingly execute commands that download malicious software onto your system. Matanbuchus and XMRig: Used for cryptocurrency mining, these malware strains can slow down systems while surreptitiously utilizing computing resources.

Scams 123

Scams Malware Phishing Social Engineering 123

Zero Day

JUNE 26, 2025

Also:  Best data removal services: Delete yourself from the internet If you have any cryptocurrency, you were probably encouraged to write down a seed phrase when you created your wallet and store it in a secure, offline location. While writing the phrase down is optimal, many people take a screenshot to remember it later.

Password Management 124

Password Management Small Business Passwords Artificial Intelligence 124

Malwarebytes

MAY 1, 2025

These messages frequently warn recipients about a problem with their accounts, like a password that needs to be updated, a policy change that requires a login, or a delayed package that has to be approved. In reality, those usernames and passwords are delivered directly to cybercriminals on the other side of the website.

Small Business 83

Small Business Cybersecurity Scams Passwords 83

SecureList

NOVEMBER 29, 2024

The group’s victims according to its DLS as a percentage of all groups’ published victims during the period under review ( download ) Number of new modifications In Q3 2024, we detected three new ransomware families and 2109 new variants, or half of what we discovered in the previous reporting period. 2 China 0.95 3 Libya 0.68

Mobile 105

Mobile Adware Ransomware Malware 105

SecureList

APRIL 29, 2025

Such accounts are often configured to have the same username as the password, which is a bad practice, making it easy for the attackers to exploit them. Suspicious authorized key After the initial SSH compromise, the threat actor downloads the first-stage script, tddwrt7s. This artifact is responsible for downloading the dota.

System Administration 90

System Administration Authentication Passwords Cryptocurrency 90

SecureWorld News

FEBRUARY 14, 2025

But Machin warns: "Clicking on a seemingly innocent link within an e-card can lead to downloading malware or being redirected to a phishing website designed to capture personal or company details." Use secure payment methods Avoid wire transfers, prepaid gift cards, or cryptocurrency for online purchases for Valentine's Day.

Scams 83

Scams Cybercrime Phishing Social Engineering 83

SecureList

FEBRUARY 5, 2025

The infected apps in Google Play had been downloaded more than 242,000 times. When initialized, it downloads a JSON configuration file from a GitLab URL embedded in the malware body. Images that match the search criteria are downloaded from the device in three steps. Suspicious SDK being called Spark is written in Java.

Malware 140

Malware Encryption Mobile Cryptocurrency 140

Malwarebytes

FEBRUARY 19, 2025

The latest, major threats to Mac computers can steal passwords and credit card details with delicate precision, targeting victims across the internet based on their device, location, and operating system. Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts.

Malware 123

Malware Software Passwords Cryptocurrency 123

SecureList

DECEMBER 16, 2024

The number of unique threads about drainers on the dark web ( download ) In fact, in 2024, Telegram channels were a prominent hub for drainer-related activity. Stealers and drainers to see a rise in their promotion as services on the dark web Cryptocurrencies have been a prime target for cybercriminals for years.

Marketing 104

Marketing Cryptocurrency Data breaches Malware 104

IT Security Guru

MARCH 13, 2025

Cryptocurrency isnt just a buzzword anymore. By December 2024, the number of global cryptocurrency owners reached approximately 659 million, marking a 13% increase from January 2024. Hackers often eye anything thats frequently connected, so staying sharp with two-factor authentication and strong passwords is a must.

Cryptocurrency 62

Cryptocurrency Internet Internet Risk 62

SecureList

NOVEMBER 29, 2024

The malware, which received commands via the Dropbox cloud service, was used to download additional payloads. These documents are in fact password-protected ZIP or other archives. All the active sub-campaigns host the initial downloader on Dropbox. One of these was an implant called GrewApacha, used by APT31 since at least 2021.

Energy and Utilities 99

Energy and Utilities Ransomware Malware Government 99

SecureList

MARCH 25, 2025

Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7 Distribution of financial phishing pages by category, 2024 ( download ) Online shopping scams The most popular online brand target for fraudsters was Amazon (33.19%). million detections compared to 5.84 million in 2023. on the previous year.

Phishing 73

Phishing Banking Scams Mobile 73

Penetration Testing

JULY 9, 2025

The malware’s infection chains and system persistence methods echo those used in DPRK’s cryptocurrency-stealing operations—albeit now adapted and deployed globally by Russia-affiliated threat actors. That’s when the malware begins to harvest sensitive data—and lay the groundwork for persistent access.

Malware 77

Malware Surveillance InfoSec Penetration Testing 77

SecureList

OCTOBER 23, 2024

On the surface, this website resembled a professionally designed product page for a decentralized finance (DeFi) NFT-based (non-fungible token) multiplayer online battle arena (MOBA) tank game, inviting users to download a trial version. But that was just a disguise. As big computer games fans ourselves, we immediately wanted to try it.

Engineering 145

Engineering Accountability Social Engineering Cryptocurrency 145

SecureList

APRIL 21, 2025

Fake Telegram channels for pirated content and cryptocurrencies. The attackers create Telegram channels with names containing keywords related to cryptocurrencies or pirated content, such as software, movies, etc. txt file contains aBase64-encoded PowerShell script that then downloads and runs theLumma Stealer. shop/firefire[.]png.

Malware 79

Malware Cryptocurrency Software Antivirus 79

SecureList

MAY 28, 2025

2022: From zero to threat Zanubis was first observed in the wild around August 2022, initially targeting financial institutions and cryptocurrency exchange users in Peru. Fake screen designed to verify invoices Meanwhile, for the bank, victims are enticed to download the malware under the guise of instructions from a fake bank advisor.

Banking 101

Banking Malware Encryption Energy and Utilities 101

Security Boulevard

MARCH 24, 2025

Vulnerabilities Apples Passwords app was vulnerable to phishing attacks for nearly three months after launch 9to5Mac Mysk security researchers first discovered this vulnerability after noticing the Passwords app had connected to 130 different domains over regular (unencrypted) HTTP.

Surveillance 75

Surveillance Telecommunications Spyware Data breaches 75

Malwarebytes

JUNE 9, 2025

Secure your accounts Change the passwords on all your online accounts, especially financial and email accounts. Use strong, unique passwords and enable multi-factor authentication (MFA) wherever possible. Never fall for people that claim they can recover payments in cryptocurrencies. These are known as recovery scams.

Scams 69

Scams Banking Artificial Intelligence Accountability 69

SecureList

FEBRUARY 21, 2025

The Lumma stealer gathers system and installed software information from the compromised devices, as well as sensitive data such as cookies, usernames, passwords, banking card numbers, and connection logs. Command servers This sample contains encoded and encrypted addresses of command servers. averageorganicfallfaw[.]shop

Phishing 83

Phishing Encryption Banking Malware 83

SecureList

DECEMBER 19, 2024

Over the past few years, the Lazarus group has been distributing its malicious software by exploiting fake job opportunities targeting employees in various industries, including defense, aerospace, cryptocurrency, and other global sectors. It is unclear exactly how the files were downloaded by the victims.

Malware 138

Malware Encryption Software Cryptocurrency 138

Digital Shadows

NOVEMBER 26, 2024

Implementing strong password policies, enabling Network Level Authentication (NLA), and configuring rate limiting can significantly reduce the risk of unauthorized access. It maintains its dominance by posing as a fake browser update, targeting high-ranking websites to appear legitimate and ultimately increasing download success rates.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Graham Cluley

JUNE 12, 2025

Skip to content Graham Cluley Cybersecurity and AI keynote speaker BOOK ME Speaking · Writing · Podcasts · Video · Contact · About · Games 🔍 ⁠This weeks sponsor: Proton Pass - Easily create unique, secure passwords. Sync across unlimited devices. Integrated 2FA.

Malware 61

Malware Cryptocurrency Accountability Advertising 61

Webroot

OCTOBER 31, 2024

Throughout 2024, RedLine demonstrated its effectiveness by stealing over 170 million passwords in just a six-month period, highlighting its massive impact. The malware’s capabilities expanded to include stealing not only passwords but also credit card details, cryptocurrency wallets, and browser data.

Malware 117

Malware Ransomware Healthcare Encryption 117

Malwarebytes

FEBRUARY 20, 2025

ACRStealer is often distributed via the tried and tested method of download as cracks and keygens , which are used in software piracy. With the capture of usernames and passwords from web browsers, attackers can access your accounts, including email, social media, and financial services. ID-number}.

Identity Theft 87

Identity Theft Malware Financial Services Antivirus 87

eSecurity Planet

FEBRUARY 17, 2025

Plus, it stops unsafe downloads in Microsoft Edge and other supported apps. Users looking for extra tight security: It was reported that Microsoft Defender missed a type of malware that hijacked a victim’s Google account in the Chrome browser and stole over $24,000 in cryptocurrency. It warns you about phishing attempts.

Antivirus 67

Antivirus Identity Theft VPN Spyware 67

Security Affairs

MARCH 2, 2025

from Bybit, it is the largest cryptocurrency heist ever International Press Newsletter Cybercrime Mining Company NioCorp Loses $500,000 in BEC Hack Inside Black Bastas Exposed Internal Chat Logs: A Firsthand Look The Bleeding Edge of Phishing: darcula-suite 3.0

Cybercrime 61

Cybercrime Hacking Ransomware Cryptocurrency 61

Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware 348

Malware Cryptocurrency Software Scams 348

Malwarebytes

SEPTEMBER 20, 2023

The dangers of cryptocurrency phishing are back in the news, after tech investor Mark Cuban was reported to have lost around $870k via a phishing link. As for the specifics of the phishing tactic deployed, Cuban is reported as saying he may have downloaded a bogus wallet tool via a search engine query.

Cryptocurrency 124

Cryptocurrency Scams Phishing Engineering 124

CyberSecurity Insiders

NOVEMBER 26, 2021

Google, the business subsidiary of tech giant Alphabet Inc, has released a report saying that the compromised cloud accounts were leading hackers to mine cryptocurrency that could prove as a double threat to customers. The post Compromised cloud accounts leading to Cryptocurrency mining appeared first on Cybersecurity Insiders.

Cryptocurrency 131

Cryptocurrency Accountability Passwords Software 131

Approachable Cyber Threats

MARCH 1, 2022

Our 2022 update to our famous password table that’s been shared across the news, internet, social media, and organizations worldwide. Looking for a high resolution version to download? Download the table now. Password Strength in 2022 It’s been two years since we first shared our (now famous) password table.

Passwords 145

Passwords Software Internet Internet 145

Security Affairs

APRIL 18, 2021

Threat actors targeted are exploiting the ProxyLogon vulnerabilities in Microsoft Exchange servers to deploy Monero cryptocurrency miners. “The.zip file is not a compressed archive, but a batch script that then invokes the built-into-Windows certutil.exe program to download two additional files, win_s.zip and win_d.zip.”

Cryptocurrency 123

Cryptocurrency Hacking Passwords Information Security 123

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. org subdomain. org subdomain. ” reported Kasperksy. freedownloadmanager[.]org

Malware 134

Malware Software Cryptocurrency Hacking 134

Malwarebytes

SEPTEMBER 18, 2023

In a public announcement , Free Download Manager has acknowledged that a specific web page on its site was compromised by a Ukrainian cybercrime group, exploiting it to distribute malware. Visitors from these IP addresses were always given the correct download link. of our visitors might have encountered this issue.”

Malware 116

Malware Cryptocurrency Cybercrime Software 116