Security Affairs

NOVEMBER 24, 2024

According to DoJ PopeyeTools has offered for sale the access devices and personally identifiable information (PII) of at least 227,000 individuals and generated at least $1.7 seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools. million in revenue.

Cybercrime 136

Cybercrime Cryptocurrency Banking Accountability 136

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency 135

Cryptocurrency Cybercrime Education Scams 135

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware 77

Ransomware Encryption Cryptocurrency Insurance 77

Security Affairs

MARCH 24, 2025

. “In this scenario, criminals use free online document converter tools to load malware onto victims computers, leading to incidents such as ransomware.” They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. ” continues the alert.

Malware 123

Malware Scams Identity Theft Antivirus 123

Security Affairs

MARCH 15, 2025

A clipper malware is a type of malicious software designed to intercept and manipulate clipboard data, typically for cryptocurrency theft. When a victim copies a cryptocurrency wallet address, the malware replaces it with an attacker-controlled address, redirecting funds to the hacker instead of the intended recipient.

Software 116

Software Cryptocurrency Malware Encryption 116

Security Affairs

NOVEMBER 21, 2024

Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 116

Cybercrime Identity Theft Cryptocurrency Phishing 116

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 143

Cryptocurrency Firmware Malware Threat Detection 143

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware 71

Ransomware Cryptocurrency Small Business Malware 71

Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency 117

Cryptocurrency Malware Hacking Ransomware 117

Security Affairs

DECEMBER 2, 2024

INTERPOL also issued a Purple Notice to warn countries about emerging fraudulent activities involving cryptocurrencies. The authorities have warned of “USDT Token Approval Scam” that allows scammers access to the victims’ cryptocurrency wallets and make unauthorized transactions. The operation led to 27 arrests and 19 indictments.

Cryptocurrency 133

Cryptocurrency Phishing Scams Cybercrime 133

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 144

Cryptocurrency Cybercrime Media Government 144

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 123

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 123

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 115

Cryptocurrency Hacking Phishing Cyber Attacks 115

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Today, this tactic has evolved, where ransomware operators in nearly every case first exfiltrate sensitive data and then threaten to publicly expose it if a ransom demand is not paid.

Ransomware 143

Ransomware Cryptocurrency Insurance Cybercrime 143

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 141

Cryptocurrency Banking Hacking Accountability 141

Security Affairs

APRIL 13, 2020

The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched on Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies.

Ransomware 143

Ransomware Cryptocurrency Advertising Hacking 143

Security Affairs

JANUARY 11, 2025

Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. that helped crooks launder cryptocurrency. were allegedly used for laundering funds from ransomware and cybercrimes. laundered funds for multiple ransomware groups. and Sinbad.io

Cybercrime 80

Cybercrime Cryptocurrency Hacking Ransomware 80

Security Affairs

JANUARY 7, 2021

The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world. ” concludes the report.

Ransomware 145

Ransomware Cryptocurrency Antivirus Banking 145

Security Affairs

OCTOBER 14, 2020

G7 Finance ministers expressed concern on Tuesday over the rise in ransomware attacks during the Covid-19 pandemic, including some involving cryptocurrencies. G7 Finance ministers warn of ransomware attacks that have been growing in scale, sophistication, and frequency over the past two years. ” continues the statement.

Ransomware 140

Ransomware Cryptocurrency Financial Services Banking 140

Security Affairs

SEPTEMBER 22, 2022

The gap is being abused for malicious cryptocurrency mining.” “If left unremedied and successfully exploited, this vulnerability could be used for multiple and more malicious attacks, such as a complete domain takeover of the infrastructure and the deployment information stealers, remote access trojans (RATs), and ransomware.”

Cryptocurrency 141

Cryptocurrency Firewall Malware Hacking 141

Security Affairs

MAY 25, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack How a Trusted IT Tool Became a Malware Delivery Vector Malicious Checker Packages on PyPI Probe TikTok and Instagram for (..)

Malware 88

Malware Cryptocurrency Banking Ransomware 88

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. reads the advisory published by US authorties.

Ransomware 145

Ransomware Healthcare Cryptocurrency Encryption 145

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. ” concludes Microsoft.

Ransomware 145

Ransomware Cryptocurrency Government Small Business 145

Security Affairs

MAY 1, 2021

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. ” reads the security advisory published by the vendor. . Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 145

Ransomware Cryptocurrency Malware Internet 145

Security Affairs

APRIL 7, 2025

By simply paying the fee, usually in cryptocurrencies, the customer will receive the sensitive material ready to be exploited. UNDERGR OUND FORUMS AND PAYMENT DYNAMICS Payments are handled through mechanisms long rooted in underground trades.

Cybercrime 141

Cybercrime Social Engineering Accountability Government 141

Security Affairs

JANUARY 27, 2021

and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators. and Europe have seized the dark web sites used by NetWalker ransomware operators. The authorities also charged a Canadian national involved in the NetWalker ransomware operations. A joint operation of U.S.

Ransomware 145

Ransomware Healthcare Government Cryptocurrency 145

Security Affairs

MARCH 17, 2020

Coronavirus -themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. In this campaign, crooks are exploiting the interest in the Coronavirus (COVID-19) outbreak to deliver a couple of malware, the CoronaVirus Ransomware and the Kpot information-stealing Trojan.

Ransomware 140

Ransomware Advertising Cryptocurrency Passwords 140

Security Affairs

OCTOBER 16, 2021

billion worth of Bitcoin transactions to ransomware. billion worth of Bitcoin transactions likely associated with operations of top 10 most commonly reported ransomware variants. Studying data generated from ransomware-related SARs, the mean average total monthly suspicious amount of ransomware transactions was $66.4

Ransomware 137

Ransomware Cryptocurrency Hacking Cybercrime 137

Security Affairs

OCTOBER 4, 2021

Two ransomware operators arrested in Kyiv, Ukraine, that are suspected to have attacked more than 100 companies causing more than $150M in damages. A joint international law enforcement operation led to the arrest of the ransomware operators in Kyiv, Ukraine on September 28. million in cryptocurrencies. In addition, $ 1.3

Ransomware 138

Ransomware Cryptocurrency Cybercrime Mobile 138

Security Affairs

NOVEMBER 3, 2024

EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs Tenacious Pungsan: A DPRK threat actor linked to Contagious Interview Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives Cryptocurrency Enthusiasts Targeted in Multi-Vector Supply Chain Attack (..)

Malware 117

Malware VPN Cryptocurrency Mobile 117

Security Affairs

JULY 1, 2020

Experts discovered a new ransomware dubbed EvilQuest designed to target macOS systems, it also installs a keylogger and a reverse shell to take over them. Unlike other MacOSx threats, EvilQuest also installs a keylogger, a reverse shell, and steals cryptocurrency wallets from infected hosts. ” reads the analysis wrote by Wardle.

Ransomware 145

Ransomware Malware Encryption Software 145

Security Affairs

JULY 8, 2020

Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. macOS ransomware #decryptor ( #EvilQuest )! |

Ransomware 143

Ransomware Encryption Malware Advertising 143

Security Affairs

DECEMBER 8, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. warn of PRC-linked cyber espionage targeting telecom networks U.S.

Artificial Intelligence 108

Artificial Intelligence Spyware Hacking Ransomware 108

Security Affairs

DECEMBER 14, 2023

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. anti-cybercrime (Ofac).”

Ransomware 143

Ransomware Cryptocurrency Cybercrime Manufacturing 143

Security Affairs

NOVEMBER 4, 2020

The source code for the KPot information stealer was put up for auction and the REvil ransomware operators want to acquire it. The authors of KPot information stealer have put its source code up for auction , and the REvil ransomware operators will likely be the only group to bid. KPOT source code up for sale!

Ransomware 145

Ransomware Malware Advertising Cybercrime 145

Security Affairs

JUNE 5, 2021

Department of Justice was to assign investigation on ransomware attacks the same priority as terrorism in the wake of the Colonial Pipeline hack. Department of Justice plans to equate investigations into ransomware attacks with investigations into terrorism in the wake of the Colonial Pipeline hack. ” reported Reuters.

Ransomware 128

Ransomware Cryptocurrency Hacking Cybercrime 128

Security Affairs

JULY 19, 2024

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in Newark federal court for their roles in the LockBit ransomware operation.

Ransomware 144

Ransomware Healthcare Encryption Government 144