Malwarebytes

MARCH 3, 2022

The main attack vector is phishing which the group uses to gain a foothold before moving on to breach the network from there. In the case of the Nvidia breach, LAPSUS$ claimed it was mainly after the removal of the lite hast rate (LHR) limitations in all GeForce 30 series firmware—apparently all to help out gamers and the mining community.

Ransomware 82

Ransomware Password Management Passwords Hacking 82

Security Affairs

NOVEMBER 16, 2018

The attackers’ research vector is now shifting from software vulnerabilities to those located at the hardware and firmware level. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. Thus, 60% of the total amount was stolen from Coincheck , a Japanese cryptocurrency exchange. Attacks on Crypto.

Cybercrime 83

Cybercrime Hacking Banking Phishing 83

Security Affairs

AUGUST 25, 2019

Intel addresses High-Severity flaws in NUC Firmware and other tools. 5 Common Phishing Attacks and How to Avoid Them? Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency. Bluetana App allows detecting Bluetooth card skimmers in just 3 seconds. Hacker publicly releases Jailbreak for iOS version 12.4.

Small Business 49

Small Business Spyware Data breaches Advertising 49

SecureList

MAY 27, 2022

MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). The campaign has two goals: gathering information and stealing cryptocurrency. Targeted attacks.

Phishing 110

Phishing Spyware Firmware Malware 110

SecureList

MARCH 1, 2021

The manufacturer of the mobile device preloads an adware application or a component with the firmware. It stole credentials for various financial systems including online banking applications and cryptocurrency wallets in Brazil. Another example of the partnership is so-called preinstall. variant is a native ELF executable.

Mobile 138

Mobile Malware Adware Banking 138

eSecurity Planet

FEBRUARY 16, 2021

Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. CISA reported that LokiBot “employs Trojan malware to steal sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials.” Phishing and Social Engineering.

Malware 104

Malware Adware Spyware Antivirus 104

SecureList

APRIL 27, 2022

We found overlaps in the infrastructure used by a tunneling tool used by the actor and several possible phishing websites set up within the above time frame. This application contains a legitimate program called DeFi Wallet, that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed.

Malware 135

Malware Firmware Government Phishing 135

SecureList

NOVEMBER 18, 2022

In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. First, the threat actor sends a spear-phishing email to the potential victim with a lure to download additional documents.

Malware 105

Malware Computers and Electronics Adware Cryptocurrency 105

eSecurity Planet

JULY 25, 2023

Phishing attacks: Deceptive techniques, such as fraudulent emails or websites, trick individuals into revealing sensitive information like credit card and payment information, passwords, or login credentials. Cryptojacking : Unauthorized use of a computer’s processing power to mine cryptocurrencies.

Software 98

Software Data breaches DDOS Ransomware 98

eSecurity Planet

OCTOBER 21, 2022

The method of infection can vary from attack to attack and can include social engineering strategies, such as phishing and email spoofing , or a fraudulent website masquerading as legitimate, among others. This note will provide instructions on how to pay the ransom, usually through difficult-to-trace means like cryptocurrency.

Malware 75

Malware Adware Spyware Antivirus 75

eSecurity Planet

DECEMBER 7, 2023

Phishing and social engineering are common ways threat actors can obtain a symmetric key, but cryptanalysis and brute force attempts can also break symmetric key ciphers. This feature can be included in firmware, in operating systems, or as a feature in open-source, shareware, or commercial applications.

Encryption 108

Encryption Authentication Passwords Password Management 108

SecureList

JULY 28, 2022

In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). Based on our telemetry, the actor initiated the attack by sending a spear-phishing email containing a macro-embedded Word document.

Malware 136

Malware Firmware Phishing Cryptocurrency 136

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking 110

Hacking Energy and Utilities Media Malware 110