Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 105

Cryptocurrency Firmware Malware Threat Detection 105

CyberSecurity Insiders

OCTOBER 3, 2022

Ferrari, the luxury car maker, was recently hit by a ransomware attack that apparently led to data leak that is now being posted online on an installment basis. NOTE 2- FBI and other law enforcement agencies across the world are urging the populace not to pay a ransom, if in case, they are targeted by a file encrypting malware.

Ransomware 125

Ransomware Cryptocurrency Encryption Accountability 125

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. The upshot? ” Meanwhile, the U.S.

Ransomware 260

Ransomware Accountability Cybercrime Malware 260

Security Affairs

SEPTEMBER 22, 2022

The gap is being abused for malicious cryptocurrency mining.” “If left unremedied and successfully exploited, this vulnerability could be used for multiple and more malicious attacks, such as a complete domain takeover of the infrastructure and the deployment information stealers, remote access trojans (RATs), and ransomware.”

Cryptocurrency 110

Cryptocurrency Firewall Malware Hacking 110

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. On April 3 of this year, Google’s Threat Analysis Group (TAG) announced that APT43 was in-volved in cryptocurrency theft and digital currency laundering.

Hacking 105

Hacking Social Engineering Cryptocurrency Healthcare 105

CyberSecurity Insiders

JANUARY 10, 2022

Ragnar Locker Ransomware, notorious hacking group that spreads file encrypting malware to large-scale organizations, has hit a security firm this time and stole data to prove it’s worth. NOTE- Ragnar Locker is a malware that is found targeting only Windows machines as of now.

Ransomware 135

Ransomware Cybersecurity IoT Cryptocurrency 135

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers.

Cryptocurrency 89

Cryptocurrency Malware Ransomware Cybercrime 89

The Last Watchdog

JUNE 20, 2018

Cryptojacking, as defined by the Federal Trade Commission , is the use of JavaScript code to capture cryptocurrencies in users’ browsers without asking permission. Related: Why cryptojacking is more insidious than ransomware. LW: So cryptocurrency got discovered as the ideal payment vehicle for ransomware.

Cryptocurrency 176

Cryptocurrency Passwords Ransomware Malware 176

Appknox

APRIL 13, 2021

Along with wireless payments like Google or Apple pay (that still require assigning a banking account or card i.e. physical currency), the cryptocurrencies like Bitcoin are getting widely used. No surprise here, that cash payments are becoming a relic of the past.

Cryptocurrency 105

Cryptocurrency Wireless Hacking Banking 105

Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Malware, spyware are the most common means but do not forget the power of social network platforms that can be used for surveillance and misinformation purposes.

Spyware 88

Spyware Hacking Ransomware Surveillance 88

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack.

Cryptocurrency 86

Cryptocurrency Malware Advertising Antivirus 86

Security Affairs

FEBRUARY 16, 2023

Talos researchers observed a financially motivated threat actor using a new ransomware dubbed MortalKombat and a clipper malware named Laplas. “The initial infection vector is a phishing email in which the attackers impersonate CoinPayments, a legitimate global cryptocurrency payment gateway. net] Payment Timed Out.””

Ransomware 79

Ransomware Cryptocurrency Malware Small Business 79

eSecurity Planet

JANUARY 26, 2023

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware.

Malware 119

Malware Ransomware Software Cryptocurrency 119

Security Affairs

DECEMBER 14, 2023

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. anti-cybercrime (Ofac).”

Ransomware 111

Ransomware Cryptocurrency Cybercrime VPN 111

Security Affairs

MAY 2, 2024

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. Vasinskyi was extradited to the U.S.

Ransomware 79

Ransomware Cryptocurrency Cybercrime Encryption 79

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. reads the advisory published by US authorties.

Ransomware 126

Ransomware Healthcare Cryptocurrency Encryption 126

The Last Watchdog

FEBRUARY 20, 2023

Well-placed malware can cause crippling losses – especially for small and mid-sized businesses. One report showed ransomware attacks increased by 80 percent in 2022, with manufacturing being one of the most targeted industries. Amos These are just a handful of examples of ransomware attacks in the last year.

Ransomware 124

Ransomware Education Hacking Backups 124

SC Magazine

FEBRUARY 17, 2021

The Department of Justice has unsealed an indictment against three members of Lazarus Group for a wide range of financially-motivated hacks against private businesses that authorities said were designed to steal $1.3 billion in currency and cryptocurrency and further other strategic interests for the North Korean government.

Hacking 103

Hacking Cryptocurrency Banking Malware 103

CyberSecurity Insiders

AUGUST 26, 2022

One of the most ruthless cyberattacks is a ransomware attack. What Is a Ransomware Attack? Ransomware is a cyberattack that uses malware – software created to infiltrate a computer system and damage or disrupt it. Ransomware attacks are about as old as the internet itself.

Ransomware 123

Ransomware Education Software Malware 123

CyberSecurity Insiders

APRIL 19, 2023

AhnLab, a South Korean cybersecurity firm, has issued an alert about a ransomware attack on Microsoft SQL Servers that are being bombarded with Trigona Ransomware payloads meant to encrypt files after stealing data. This includes details such as names, bank account numbers, transaction details of the property, and ID card details.

Ransomware 96

Ransomware Cryptocurrency Banking Cyber Attacks 96

Security Affairs

JANUARY 13, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN 105

VPN Cybercrime Ransomware Hacking 105

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. The malware was designed to abuse NAS resources and mine cryptocurrency. SecurityAffairs – hacking, QNAP).

Ransomware 111

Ransomware Cryptocurrency Malware Internet 111

Security Affairs

JANUARY 7, 2021

The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world. ” concludes the report.

Ransomware 126

Ransomware Cryptocurrency Antivirus Banking 126

Security Affairs

FEBRUARY 10, 2023

North Korea-linked APT groups conduct ransomware attacks against healthcare and critical infrastructure facilities to fund its activities. Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S.

Ransomware 78

Ransomware Healthcare Cryptocurrency Government 78

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. ” concludes Microsoft.

Ransomware 129

Ransomware Cryptocurrency Government Small Business 129

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved, it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time.

Encryption 97

Encryption Malware Banking Ransomware 97

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. SecurityAffairs – hacking, malware).

Ransomware 135

Ransomware Malware Advertising Cybercrime 135

Security Affairs

OCTOBER 14, 2020

G7 Finance ministers expressed concern on Tuesday over the rise in ransomware attacks during the Covid-19 pandemic, including some involving cryptocurrencies. G7 Finance ministers warn of ransomware attacks that have been growing in scale, sophistication, and frequency over the past two years. ” continues the statement.

Ransomware 124

Ransomware Cryptocurrency Financial Services Banking 124

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 97

Cryptocurrency Banking Hacking Accountability 97

Security Affairs

OCTOBER 6, 2022

Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group (aka EternityTeam; Eternity Project). ” reads the report published by Zscaler.

Malware 89

Malware DDOS Ransomware Cryptocurrency 89

Security Boulevard

FEBRUARY 24, 2021

In mid-February 2021, the Department of Justice shared the content of what had been a sealed indictment charging three North Korean (DPRK) hacking “operatives” with a plethora of cybercrimes, including “cyber heists and extortion schemes, targeting both traditional and cryptocurrencies.” Assistant Attorney General John C.

Cybercrime 136

Cybercrime Hacking Cryptocurrency Ransomware 136

CyberSecurity Insiders

FEBRUARY 8, 2021

Reuters’ published a news article saying Brazil’s electro-nuclear power plant was hit by a ransomware attack, bringing down the operations to a halt on a partial note. Also known with the names Hidden Cobra and Zinc, the cyber crime group is known to hack critical infrastructure, thus making money through double extortion techniques.

Ransomware 134

Ransomware Social Engineering Cryptocurrency Cybercrime 134

CyberSecurity Insiders

NOVEMBER 10, 2022

The US Department of Justice arrested a Canadian Citizen born in Russia for spreading Lockbit ransomware. Details are in that the arrest was made after a 2-3 years long investigation concluded and Mr. Vasilev was found guilty of malware spread and wealth creation illegally.

Ransomware 82

Ransomware Healthcare Encryption Cryptocurrency 82

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 94

Ransomware Hacking Spyware Cybercrime 94

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 83

Malware Banking Penetration Testing Healthcare 83

Security Affairs

APRIL 19, 2021

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips.

Malware 108

Malware Cryptocurrency Architecture Engineering 108