Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware 144

Malware Cryptocurrency Encryption Passwords 144

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 78

Malware Cryptocurrency Engineering Encryption 78

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 122

Malware Advertising Antivirus Cybercrime 122

SecureList

FEBRUARY 5, 2025

In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources.

Malware 144

Malware Encryption Mobile Cryptocurrency 144

eSecurity Planet

MAY 5, 2025

A notorious hacker group known as Golden Chickens is back in the spotlight after cybersecurity researchers discovered two new digital weapons designed to steal passwords, watch every word you type, and target your cryptocurrency. But unlike most modern malware, TerraLogger doesnt send the stolen data anywhere at least not yet.

Passwords 68

Passwords Malware Cryptocurrency Cybercrime 68

Security Affairs

MARCH 23, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes (..)

Malware 66

Malware Threat Detection Cryptocurrency Ransomware 66

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Taylor Monahan is founder and CEO of MetaMask , a popular software cryptocurrency wallet used to interact with the Ethereum blockchain.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 112

Cryptocurrency Malware Hacking Ransomware 112

Security Affairs

MAY 4, 2025

“The ransomware either encrypted data from victims computer networks or claimed to take that data from the networks. Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents.

Ransomware 115

Ransomware Encryption VPN Malware 115

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency 131

Cryptocurrency Cybercrime Education Scams 131

Security Affairs

MARCH 18, 2025

dll module revealed that the malware supports sophisticated functionalities to steal credentials from browsers, digital wallet data, clipboard content, and system information. Microsoft has yet to attribute the malware to a specific threat actor or geolocation, however, the IT giant believes that it was not widespread at this time.

Malware 113

Malware Cryptocurrency Encryption Passwords 113

SecureList

OCTOBER 29, 2024

Attackers are increasingly distributing malware through a rather unusual method: a fake CAPTCHA as the initial infection vector. As with the previous stage, the victim doesn’t always encounter malware. Researchers from various companies reported this campaign in August and September.

Adware 129

Adware Malware Cryptocurrency Password Management 129

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 118

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 118

Security Boulevard

SEPTEMBER 22, 2021

Cryptocurrency is best thought of as a digital currency that only exists on computers. Transaction data and the ledger are encrypted using cryptography. Cryptocurrency Main Features. Cryptocurrency Main Features. Let’s dig into how cryptocurrency works. Cryptocurrencies are decentralized and distributed.

Cryptocurrency 115

Cryptocurrency Banking Encryption Education 115

Security Affairs

AUGUST 3, 2020

million worth of cryptocurrency from cryptocurrency investment accounts. . Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. worth of cryptocurrency from 2gether appeared first on Security Affairs. Pierluigi Paganini.

Cryptocurrency 144

Cryptocurrency Accountability Hacking Advertising 144

SecureList

JUNE 12, 2023

Introduction Stealing cryptocurrencies is nothing new. Since then, stealing cryptocurrencies has continued to occupy cybercriminals. One of the latest additions to this phenomenon is the multi-stage DoubleFinger loader delivering a cryptocurrency stealer. For example, the Mt. recovery phrases). recovery phrases).

Cryptocurrency 120

Cryptocurrency Encryption Malware Ransomware 120

SecureList

APRIL 23, 2025

We found that the malware was running in the memory of a legitimate SyncHost. Although the exact method by which Cross EX was exploited to deliver malware remains unclear, we believe that the attackers escalated their privileges during the exploitation process as we confirmed the process was executed with high integrity level in most cases.

Malware 144

Malware Software Encryption Internet 144

SecureList

JANUARY 13, 2022

The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. Malware infection.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Trend Micro

APRIL 23, 2023

We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious.

Encryption 129

Encryption Cryptocurrency Cyber threats Malware 129

Security Affairs

OCTOBER 4, 2024

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. ” reads the report.

Malware 136

Malware Cryptocurrency Encryption Software 136

Security Boulevard

DECEMBER 16, 2024

IntroductionIn October 2024, Zscaler ThreatLabz came across malware samples that use a network communication protocol that is similar to RisePro. However, unlike RisePro which has primarily been used for information stealing, this new malware specializes in downloading and executing second-stage payloads. exeapimonitor-x64.exex32dbg.exex64dbg.exex96dbg.execheatengine.exescylla.execharles.execheatengine-x86_64.exereclass.net.exeThese

Malware 97

Malware Cryptocurrency Encryption Software 97

Security Affairs

AUGUST 19, 2020

According to the Guardicore Labs researchers, the malware already infected over 500 servers in the U.S. ” The botnet’s P2P communication is encrypted using AES for symmetric encryption and the Diffie-Hellman protocol for key exchange. and Europe belonging to universities and a railway company.

Cryptocurrency 145

Cryptocurrency Malware Advertising Encryption 145

Security Affairs

JANUARY 25, 2021

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time.

Encryption 98

Encryption Malware Banking Ransomware 98

SecureList

APRIL 25, 2025

While external malware now faces greater permission restrictions, pre-installed malware within system partitions has become impossible to remove. The modular architecture of the malware gives attackers virtually unlimited control over the system, enabling them to tailor functionality to specific applications.

Malware 84

Malware Cryptocurrency Firmware Accountability 84

Security Affairs

AUGUST 16, 2024

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. ” concludes the report. ” concludes the report.

Malware 131

Malware Cryptocurrency Advertising Architecture 131

SecureList

MARCH 5, 2025

They started distributing malware under the guise of restriction bypass programs and injecting malicious code into existing programs. Most active of all have been schemes for distributing popular stealers, remote access tools (RATs), Trojans that provide hidden remote access, and miners that harness computing power to mine cryptocurrency.

Malware 117

Malware Cryptocurrency Antivirus Technology 117

Security Affairs

JANUARY 12, 2022

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. Upon executing the Omicron Stats.exe, it unpacks resources encrypted with triple DES using ciphermode ECB and padding mode PKCS7.

Malware 145

Malware Manufacturing Cryptocurrency Cybercrime 145

SecureList

MARCH 31, 2022

For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed. Backdoor creation.

Malware 145

Malware Encryption Cryptocurrency Architecture 145

Security Affairs

APRIL 19, 2021

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips.

Malware 139

Malware Cryptocurrency Architecture Engineering 139

Security Affairs

NOVEMBER 5, 2023

North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware in attacks against blockchain engineers, reported Elastic Security Labs. Stage 1 (Dropper) – testSpeed.py

Engineering 131

Engineering Malware Cryptocurrency Encryption 131

The Last Watchdog

DECEMBER 18, 2024

Quantum computing advances are making traditional encryption obsolete, and adversaries are stockpiling data for future decryption. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. While fully agentic AI malware remains years away, the industry must prepare now.

Risk 173

Risk Threat Detection Technology Phishing 173

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. The archive contained an executable named feedbackAPI.exe.

Malware 143

Malware Cryptocurrency Encryption Hacking 143

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. The hackers used fake collaboration opportunities (i.e. Pierluigi Paganini.

Accountability 145

Accountability Malware Phishing Social Engineering 145

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 329

Malware Software Technology Accountability 329

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers.

Cryptocurrency 308

Cryptocurrency Cybercrime Computers and Electronics Passwords 308

Security Affairs

NOVEMBER 19, 2024

Ptitsyn reportedly sold the ransomware on darknet forums under aliases like “derxan” and “zimmermanx,” enabling other criminals to encrypt data and demand ransom. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime 117

Cybercrime Ransomware Healthcare Education 117