Cryptocurrency, Encryption and Telecommunications

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency

Cryptocurrency Hacking Malware Telecommunications

Operation SyncHole: Lazarus APT goes back to the well

SecureList

APRIL 23, 2025

The campaign, dubbed “Operation SyncHole”, has impacted at least six organizations in South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, and we are confident that many more companies have actually been compromised. All traffic is encrypted with the generated AES key.

Malware

Malware Software Encryption Internet

The Crypto Game of Lazarus APT: Investors vs. Zero-days

SecureList

OCTOBER 23, 2024

Attackers’ accounts on X One of the tactics used by the attackers was to contact influential figures in the cryptocurrency space to get them to promote their malicious website and most likely to also compromise them.

Engineering

Engineering Accountability Social Engineering Cryptocurrency

Security Affairs newsletter Round 516 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 23, 2025

Tornado Cash Delisting LayerX Labs Identifies New Phishing Campaign Targeted at Mac Users Malware Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes New Widespread Variant: Increased Web3 Exploitation for Malware Delivery StilachiRAT analysis: From system reconnaissance to cryptocurrency (..)

Spyware

Spyware Data breaches Cybercrime Banking

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption

Encryption Passwords IoT Firewall

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Security Affairs

SEPTEMBER 8, 2024

Researchers at Fortinet FortiGuard Labs reported that threat actors exploited the recently disclosed OSGeo GeoServer GeoTools flaw ( CVE-2024-36401 ) to deliver various malware families, including cryptocurrency miners, bots, and the SideWalk backdoor. government entities in Belgium, and telecommunications companies in Thailand and Brazil.

Malware

Malware Telecommunications Encryption DDOS

800 arrests after police dupe crime groups into using backdoored phones

Malwarebytes

JUNE 8, 2021

An international operation that monitored an encrypted device company under control of the Federal Bureau of Investigation (FBI) and the Australian Federal Police (AFP) has led to a massive, coordinated string by law enforcement in a several countries. Providing a service after taking down the real enablers. Why stop now?

Encryption

Encryption Telecommunications Cryptocurrency Advertising

HIVE Ransomware Shut Down by International Law Enforcement

SecureWorld News

JANUARY 27, 2023

The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries.

Ransomware

Ransomware Cybercrime Cryptocurrency Telecommunications

Octo Tempest cybercriminal group is "a growing concern"—Microsoft

Malwarebytes

OCTOBER 27, 2023

In a security blog about Octo Tempest Microsoft states: “Octo Tempest monetized their intrusions in 2022 by selling SIM swaps to other criminals and performing account takeovers of high-net-worth individuals to steal their cryptocurrency.” Stop malicious encryption.

Social Engineering

Social Engineering Engineering Ransomware Backups

Medical research data Advarra stolen after SIM swap

Malwarebytes

NOVEMBER 6, 2023

In 2022, Octo Tempest began selling SIM swaps to other criminals and performing account takeovers of high-net-worth individuals in order to steal their cryptocurrency. Stop malicious encryption. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently.

Ransomware

Ransomware Backups Accountability Social Engineering

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. They interact with each other through internet handles, paying for services with cryptocurrency.

Ransomware

Ransomware Encryption Malware Cybercrime

Nvidia, the ransomware breach with some plot twists

Malwarebytes

MARCH 3, 2022

The LAPSUS$ group is a relative newcomer to the ransomware scene, but it has made a name for itself by bringing down big targets like Impresa, the largest media conglomerate in Portugal, Brazil’s Ministry of Health, and Brazilian telecommunications operator Claro. Image courtesy of The Verge. Hacked back?

Ransomware

Ransomware Password Management Passwords Hacking

Ransomware review: March 2023

Malwarebytes

MARCH 8, 2023

Among its victims are Tonga Communications Corporation (TCC), a state-owned telecommunications company, and oil and gas regulator company PetroChina Indonesia. The agencies have reason to believe cryptocurrency ransom payments from such operations support DPRK's "national-level priorities and objectives." Stop malicious encryption.

Ransomware

Ransomware Healthcare Government Education

Caught in the Act: StealC, the Cyber Thief in C

Security Boulevard

JULY 15, 2024

StealC is an information stealer capable of exfiltrating a variety of confidential information, including passwords, emails, and cryptocurrency wallets. Can be used to perform cryptographic operations, potentially aiding in encrypting/decrypting data without raising suspicion. dll FreeBL cryptographic library from Mozilla.

Malware

Malware Encryption Telecommunications DNS

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

However, instead of encrypting the data, it purposefully destroyed it in the affected systems. It determined that the injection point was situated within the connection between two Egyptian telecommunication providers. The malware posed as ransomware, demanding money from the victims for “decrypting” their data.

Hacking

Hacking Malware Energy and Utilities Government

The Surge of Double Extortion Ransomware Attacks

Pen Test

OCTOBER 10, 2023

A particularly insidious new trend is the rise of "double extortion" attacks, in which cybercriminals not only encrypt an organization's data but also threaten to publicly release sensitive stolen information if the ransom is not paid. CryptoLocker, in 2013, pioneered the use of strong encryption algorithms.

Ransomware

Ransomware Backups Insurance Cyber Insurance

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. At the same time, ransomware operators, having already started to steal victims’ data before encryption, also turned their eyes on DDoS as an extortion tool. Data for Q1 2020 is taken as 100% ( download ). Conclusion.

DDOS

DDOS Cryptocurrency Media Marketing

Cyber Security Informer

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Operation SyncHole: Lazarus APT goes back to the well

Trending Sources

The Crypto Game of Lazarus APT: Investors vs. Zero-days

Security Affairs newsletter Round 516 by Pierluigi Paganini – INTERNATIONAL EDITION

Happy 13th Birthday, KrebsOnSecurity!

What Is Encryption? Definition, How it Works, & Examples

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

800 arrests after police dupe crime groups into using backdoored phones

HIVE Ransomware Shut Down by International Law Enforcement

Octo Tempest cybercriminal group is "a growing concern"—Microsoft

Medical research data Advarra stolen after SIM swap

Ransomware world in 2021: who, how and why

Nvidia, the ransomware breach with some plot twists

Ransomware review: March 2023

Caught in the Act: StealC, the Cyber Thief in C

Advanced threat predictions for 2024

The Surge of Double Extortion Ransomware Attacks

DDoS attacks in Q1 2021

Stay Connected