Cryptocurrency, Firmware and Social Engineering

The Crypto Game of Lazarus APT: Investors vs. Zero-days

SecureList

OCTOBER 23, 2024

List of in-the-wild 0-days caught and reported by Kaspersky over the past 10 years Social activity What never ceases to impress us is how much effort Lazarus APT puts into their social engineering campaigns.

Engineering

Engineering Accountability Social Engineering Cryptocurrency

Security Affairs newsletter Round 352

Security Affairs

FEBRUARY 6, 2022

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued a flash alert on Lockbit ransomware operation CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw Over 500,000 people were impacted by a ransomware attack that hit Morley Ransomware attack hit Swissport International causing delays (..)

Cryptocurrency

Cryptocurrency Social Engineering Small Business Hacking

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). The campaign has two goals: gathering information and stealing cryptocurrency. Targeted attacks.

Phishing

Phishing Spyware Firmware Malware

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches

Data breaches Cybercrime Firewall Ransomware

APT trends report Q2 2022

SecureList

JULY 28, 2022

In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). We discovered a highly active campaign, starting in March 2022, targeting stock and cryptocurrency investors in South Korea.

Malware

Malware Firmware Phishing Cryptocurrency

IT threat evolution Q3 2022

SecureList

NOVEMBER 18, 2022

In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. The group delivers its malware using social engineering. RedLine also comes with a cryptocurrency miner.

Malware

Malware Computers and Electronics Adware Cryptocurrency

Advanced threat predictions for 2025

SecureList

NOVEMBER 25, 2024

This is particularly notable in the case of Lazarus APT, specifically its attacks against cryptocurrency investors in May. Additionally, IoT devices frequently run on embedded systems with firmware that can be easily analyzed for vulnerabilities. The surge in mobile applications for controlling these devices adds another layer of risk.

IoT

IoT Energy and Utilities Phishing Cryptocurrency

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

eSecurity Planet

SEPTEMBER 2, 2024

The fix: Upgrade to SonicWall’s firmware updates for Gen 5 (to version 5.9.2.14-13o), Threat actors exploited this weakness to incorporate devices into botnets, affecting devices running firmware versions up to FullImg-1023-1007-1011-1009. Victims of social engineering risked compromised systems and probable data theft.

Risk

Risk Firewall Firmware Engineering

Mobile malware evolution 2020

SecureList

MARCH 1, 2021

In their campaigns to infect mobile devices, cybercriminals always resort to social engineering tools, the most common of these passing a malicious application off as another, popular and desirable one. The manufacturer of the mobile device preloads an adware application or a component with the firmware. Trends of the year.

Mobile

Mobile Malware Adware Banking

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking

Hacking Energy and Utilities Malware Government

What is Incident Response? Ultimate Guide + Templates

eSecurity Planet

JULY 25, 2023

Social engineering attacks: These involve manipulating individuals to gain unauthorized access to sensitive information or systems. Cryptojacking : Unauthorized use of a computer’s processing power to mine cryptocurrencies. Examples include baiting, pretexting, and impersonation.

Data breaches

Data breaches Software DDOS Ransomware

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

Phishing and social engineering are common ways threat actors can obtain a symmetric key, but cryptanalysis and brute force attempts can also break symmetric key ciphers. This feature can be included in firmware, in operating systems, or as a feature in open-source, shareware, or commercial applications.

Encryption

Encryption Authentication Passwords Password Management

Nastiest Malware 2024

Webroot

OCTOBER 31, 2024

The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year.

Malware

Malware Ransomware Healthcare Passwords

APT trends report Q1 2022

SecureList

APRIL 27, 2022

This application contains a legitimate program called DeFi Wallet, that saves and manages a cryptocurrency wallet, but also implants a malicious file when executed. In December we were made aware of a UEFI firmware-level compromise through logs from our firmware scanning technology. Other interesting discoveries. Final thoughts.

Malware

Malware Firmware Government Phishing

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

CISA reported that LokiBot “employs Trojan malware to steal sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials.” Phishing and Social Engineering. Firmware rootkit. Because trojans use social engineering for targeted attacks, educating users is imperative.

Malware

Malware Adware Spyware Antivirus

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

The method of infection can vary from attack to attack and can include social engineering strategies, such as phishing and email spoofing , or a fraudulent website masquerading as legitimate, among others. This note will provide instructions on how to pay the ransom, usually through difficult-to-trace means like cryptocurrency.

Malware

Malware Adware Spyware Antivirus

Cyber Security Informer

The Crypto Game of Lazarus APT: Investors vs. Zero-days

Security Affairs newsletter Round 352

Trending Sources

IT threat evolution Q1 2022

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

APT trends report Q2 2022

IT threat evolution Q3 2022

Advanced threat predictions for 2025

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

Mobile malware evolution 2020

Advanced threat predictions for 2024

What is Incident Response? Ultimate Guide + Templates

Types of Encryption, Methods & Use Cases

Nastiest Malware 2024

APT trends report Q1 2022

Types of Malware & Best Malware Protection Practices

What is Malware? Definition, Purpose & Common Protections

Stay Connected