SecureList

JANUARY 13, 2022

The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks.

Cryptocurrency 131

Cryptocurrency Malware Accountability Banking 131

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 105

Cryptocurrency Firmware Malware Threat Detection 105

SecureList

JUNE 5, 2023

Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom.

Cryptocurrency 84

Cryptocurrency DNS Malware Encryption 84

Security Affairs

SEPTEMBER 26, 2020

Singapore-based cryptocurrency exchange KuCoin disclosed a security breach, hackers stole $150 million from its hot wallets. Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident, the hackers breached its hot wallets and stole all the funds, around $150 million. It seems #Kucoin got hacked.

Cryptocurrency 127

Cryptocurrency Hacking Advertising Internet 127

Heimadal Security

NOVEMBER 22, 2022

A Google Chrome browser extension named VenomSoftX is being deployed by Windows malware to steal cryptocurrency and clipboard contents as people browse the web. It also hijacks other internet browsers, including Safari and Firefox. The Chrome extension is a JavaScript-based Trojan. ViperSoftX has been around since 2020.

Cryptocurrency 52

Cryptocurrency Passwords Internet Internet 52

Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords.

Internet 89

Internet Internet Passwords Malware 89

Security Affairs

MARCH 15, 2023

CrowdStrike researchers discovered the first-ever cryptocurrency mining campaign aimed at Dero mining since February 2023. It claims to offer improved privacy, anonymity and higher monetary rewards compared to other cryptocurrencies. The attack chain commences with the attacker finding an Internet-facing vulnerable Kubernetes cluster.

Cryptocurrency 70

Cryptocurrency Internet Internet Hacking 70

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. That identifying information was then used to establish a bank account to receive stolen BEC/EAC funds and then transferred to a cryptocurrency account.”

Internet 106

Internet Internet Scams Identity Theft 106

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. ” reads the analysis published by AquaSec. Pierluigi Paganini.

Malware 142

Malware DDOS Architecture Cryptocurrency 142

Security Affairs

JANUARY 9, 2023

The crypto-miner Kinsing was first spotted by security firm Aqua Security in April 2020, at the time the experts spotted threat actors scanning the Internet for Docker servers running API ports exposed without a password. The Kinsing malware abuses the resources of the Docker installations to mine cryptocurrency.

Malware 91

Malware Authentication Cryptocurrency Internet 91

Security Affairs

APRIL 6, 2020

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password.

Cryptocurrency 99

Cryptocurrency Malware Advertising VPN 99

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers.

Cryptocurrency 89

Cryptocurrency Malware Ransomware Cybercrime 89

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022. of attacks.

Phishing 101

Phishing Banking Mobile Scams 101

Malwarebytes

FEBRUARY 17, 2023

The tag-team campaign serves up ransomware known as Mortal Kombat, which borrows the name made famous by the video game, and Laplas Clipper malware, a clipboard stealer. The email is cryptocurrency themed, and claims that a payment of yours has “timed out” and will need resending. Detect intrusions.

Ransomware 73

Ransomware Malware Cryptocurrency Encryption 73

eSecurity Planet

JANUARY 26, 2023

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware.

Malware 121

Malware Ransomware Software Cryptocurrency 121

Security Affairs

MAY 3, 2024

“Apart from the EdgeRouter devices, we also found compromised Raspberry Pi and other internet-facing devices in the botnet. . “We attribute the NTLMv2 hash relay attacks and the proxying of credential phishing to Pawn Storm, while the pharmaceutical spam looks to be related to the infamous Canadian Pharmacy gang.”

Phishing 94

Phishing Cryptocurrency Internet Internet 94

The Hacker News

MAY 18, 2022

Microsoft is warning of an emerging threat targeting internet-connected cryptocurrency wallets, signaling a departure in the use of digital coins in cyberattacks.

Cryptocurrency 97

Cryptocurrency Malware Internet Internet 97

Security Affairs

DECEMBER 20, 2023

The Federal Criminal Police Office in Germany (BKA) and the internet-crime combating unit of Frankfurt (ZIT), along with law enforcement agencies from multiple countries (United States, Switzerland, Moldova, and Ukraine), conducted an operation that resulted in the seizure of the dark web marketplace Kingdom Market.

Marketing 105

Marketing Cryptocurrency Accountability Banking 105

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. Emerging in 2007 as a banking trojan, QakBot (a.k.a.

Hacking 255

Hacking Malware Ransomware Government 255

Security Boulevard

AUGUST 4, 2022

Exploit Tools and Targets: Malicious Use of Internet Information Services (IIS) Extension. Microsoft published a report on July 26th alerting defenders to the malicious use of Internet Information Services (IIS) extensions. based hospitals. 2 , 3 ) In late July, the U.S. 5 ) More recently, the U.S.

Internet 59

Internet Internet Cryptocurrency Cybercrime 59

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware 87

Malware Cryptocurrency Passwords Internet 87

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime 88

Cybercrime Malware Cryptocurrency Advertising 88

Security Affairs

FEBRUARY 19, 2024

The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data. The malware is now promoted on English-speaking hacking forums, it works on both 32-bit and 64-bit operating systems. in the stolen data.

Identity Theft 92

Identity Theft Cryptocurrency Cybercrime Hacking 92

Security Affairs

FEBRUARY 2, 2021

ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed a new piece of malware, dubbed Kobalos, that was employed in attacks against high-performance computing clusters (HPC). ” reads the analysis published by ESET.

Malware 94

Malware Internet Internet Cryptocurrency 94

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. The infection chain. What should we learn from this?

Malware 97

Malware Computers and Electronics Encryption Ransomware 97

CyberSecurity Insiders

OCTOBER 24, 2022

United States Cybersecurity and Infrastructure Security Agency(CISA) has issued an advisory to all hospitals and healthcare providers about a new ransomware dubbed ‘Daixin Team’ doing rounds on the internet.

Ransomware 140

Ransomware Healthcare Cryptocurrency Malware 140

Malwarebytes

MAY 10, 2022

From bogus attack warnings to data theft malware. The list of potential target areas includes: Internet browsers MAIL/FTP/VPN clients Cryptocurrency wallets Password managers Messengers Game programs. Downloading macros from the internet results in an automatic block with regard to being able to run.

Malware 90

Malware Phishing Passwords Password Management 90

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. ” reads the post published by Sophos.

Malware 138

Malware Authentication Passwords Internet 138

Malwarebytes

DECEMBER 21, 2022

The target apps include banking applications, cryptocurrency wallets, and crypto exchanges. How to avoid malware. There are a few basic guidelines that can help you prevent installing malware on your device. This allows the threat actors to harvest login credentials for banking applications and other financial services.

Banking 90

Banking Malware Mobile Financial Services 90

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. “Consider salaries in Russia,” Quotpw said.

Scams 244

Scams DDOS Cryptocurrency Accountability 244

Security Affairs

JANUARY 21, 2021

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. Install the latest version of Malware Remover.

Cryptocurrency 113

Cryptocurrency Firmware Malware Passwords 113

Security Affairs

MAY 4, 2020

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. The attackers compromised the blogging platform to deploy a cryptocurrency miner, the intrusion took place on May 3, 2020. Pierluigi Paganini.

Internet 110

Internet Internet Hacking Advertising 110

Anton on Security

JULY 7, 2022

not malware?—?do this is another gem for me as your security posture may still be solely focused on “critical” assets and data loss, and hence miss the theft of cloud services that you pay for] “In 2022, actors have attempted to commit cloud network resources to mine cryptocurrencies that require network bandwidth. ” [A.C.?—?this

Cybersecurity 246

Cybersecurity Cryptocurrency Ransomware Education 246

CyberSecurity Insiders

APRIL 30, 2021

Nitro Ransomware, a new variant of file encrypting malware is shaking up the internet by demanding Discord Nitro Gift Cards from victims instead of cryptocurrency. In this malware attack, hackers indulge in data stealing and encryption as usual. But with Nitro Ransomware the situation seems to be different.

Ransomware 142

Ransomware Encryption Cryptocurrency Internet 142

Security Affairs

MAY 1, 2021

. “To further secure your device, do not expose your NAS to the internet. If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.” The malware was designed to abuse NAS resources and mine cryptocurrency.

Ransomware 111

Ransomware Cryptocurrency Malware Internet 111

Malwarebytes

MAY 18, 2022

The variant they focused on uses a range of known exploits for vulnerabilities in web apps and databases to install cryptocurrency miners on both Windows and Linux systems. The Sysrv botnet first received attention at the end of 2020 because at the time it was one of the rare malware binaries written in Golang (aka GO). Linux malware.

Cryptocurrency 63

Cryptocurrency IoT Malware DDOS 63

Malwarebytes

SEPTEMBER 6, 2023

If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. The use of cryptocurrency allows cybercriminals to transfer their funds to a place where they feel they can safely use it. But where did it start?

Ransomware 106

Ransomware Encryption Cryptocurrency Backups 106