Krebs on Security

FEBRUARY 28, 2024

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call.

Malware 332

Malware Cryptocurrency Software Phishing 332

Schneier on Security

APRIL 4, 2023

News : Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week.

Cryptocurrency 253

Cryptocurrency Hacking Software Cybersecurity 253

Penetration Testing

APRIL 8, 2025

For many developers, SourceForge has long been a cornerstone of open-source collaboration a trusted hub to host and distribute software. But for cybercriminals, it has recently become a platform to stage deception.

Cryptocurrency 81

Cryptocurrency Malware Software Cybersecurity 81

SecureList

MARCH 3, 2025

million attacks involving malware, adware or unwanted mobile software were prevented. million malware, adware or unwanted software attacks targeting mobile devices. Some time later, the user received a phishing link to download malware disguised as a shipment tracking app. A total of 1.1 A total of 1.1

Mobile 116

Mobile Malware Adware Banking 116

Krebs on Security

DECEMBER 4, 2024

Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. Russia’s interior ministry last week issued a statement saying a 32-year-old hacker had been charged with violating domestic laws against the creation and use of malicious software. Matveev, a.k.a.

Cybercrime 250

Cybercrime Ransomware Cryptocurrency Government 250

Security Affairs

DECEMBER 27, 2024

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers.

Malware 89

Malware Cryptocurrency Software Hacking 89

Schneier on Security

SEPTEMBER 12, 2022

It’s pretty nasty : The malware was dubbed “ Shikitega ” for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to “mutate” its code to avoid detection. Bottom line: Shikitega is a nasty piece of code. Another article. Slashdot thread.

Malware 322

Malware Backups IoT Software 322

The Hacker News

APRIL 8, 2025

Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office.

Cryptocurrency 115

Cryptocurrency Software Malware 115

Malwarebytes

MARCH 18, 2025

We were alerted to Mac and Windows stealers currently distributed via Reddit posts targeting users engaging in cryptocurrency trading. One of the common lures is a cracked software version of the popular trading platform TradingView. Upon checking that website, we can see that it leaks its PHP version (7.3.33).

Cryptocurrency 124

Cryptocurrency Malware Scams Antivirus 124

Security Affairs

APRIL 6, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor Advancements in delivery: Scripting with (..)

Malware 78

Malware Cryptocurrency Hacking Accountability 78

Security Affairs

APRIL 2, 2025

The malware was discovered on counterfeit Android devices mimicking popular smartphone models. “The malware has broad functionality and gives attackers almost unlimited control over the gadget” The malware, embedded in the system framework, provides attackers full control over the device. 231 banking malware.

Malware 123

Malware Cryptocurrency Mobile Firmware 123

SecureList

APRIL 23, 2025

We have been tracking the latest attack campaign by the Lazarus group since last November, as it targeted organizations in South Korea with a sophisticated combination of a watering hole strategy and vulnerability exploitation within South Korean software. We found that the malware was running in the memory of a legitimate SyncHost.

Malware 144

Malware Software Encryption Internet 144

The Hacker News

OCTOBER 3, 2024

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software.

Cryptocurrency 135

Cryptocurrency Malware Software 135

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 80

Malware Cryptocurrency Engineering Encryption 80

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings. Image: CISA.

Cryptocurrency 343

Cryptocurrency Financial Services Banking Government 343

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Malware 122

Malware Advertising Antivirus Cybercrime 122

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous. They are wildly adaptable.

Malware 134

Malware Software Passwords Cryptocurrency 134

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. Gen Digital observed phishing campaigns distributing the Glove Stealer.

Encryption 118

Encryption Password Management Cryptocurrency Social Engineering 118

The Hacker News

MARCH 13, 2025

Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk.

Cryptocurrency 106

Cryptocurrency Malware Software 106

Krebs on Security

AUGUST 25, 2021

After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for using a clever piece of digital clipboard-stealing malware that let them siphon his crypto holdings. universities). When Schober went to move approximately 16.4

Cryptocurrency 362

Cryptocurrency Malware Mobile Accountability 362

Penetration Testing

JULY 18, 2024

Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated cyberattack campaign targeting cryptocurrency users.

Cryptocurrency 104

Cryptocurrency Malware Phishing Software 104

Krebs on Security

APRIL 20, 2023

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Image: Mandiant.

Malware 329

Malware Software Technology Accountability 329

CyberSecurity Insiders

NOVEMBER 26, 2021

Google, the business subsidiary of tech giant Alphabet Inc, has released a report saying that the compromised cloud accounts were leading hackers to mine cryptocurrency that could prove as a double threat to customers. The post Compromised cloud accounts leading to Cryptocurrency mining appeared first on Cybersecurity Insiders.

Cryptocurrency 131

Cryptocurrency Accountability Passwords Software 131

Security Affairs

DECEMBER 22, 2024

Panev and other developers were tasked to create and maintain the malware and infrastructure, while affiliates executed attacks and extorted ransoms, splitting the proceeds. Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024. ” reads the press release published by DoJ.

Ransomware 121

Ransomware Small Business Antivirus Malware 121

SecureList

OCTOBER 29, 2024

Attackers are increasingly distributing malware through a rather unusual method: a fake CAPTCHA as the initial infection vector. Most redirects lead to websites promoting security software, ad blockers, and the like – standard practice for adware. As with the previous stage, the victim doesn’t always encounter malware.

Adware 131

Adware Malware Cryptocurrency Password Management 131

Security Affairs

APRIL 17, 2025

to deliver info-stealing malware via fake crypto trading sites like Binance and TradingView. increasingly used in malware campaigns since October 2024, including an ongoing crypto-themed malvertising attack as of April 2025. to deploy malware, shifting from traditional scripts like Python or PHP. Microsoft has observed Node.js

Social Engineering 117

Social Engineering Malware Cryptocurrency Engineering 117

The Hacker News

JUNE 19, 2024

A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft.

Scams 136

Scams Software Cryptocurrency Media 136

The Hacker News

FEBRUARY 23, 2023

Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. Jamf Threat Labs, which made the discovery, said the XMRig coin miner was executed as Final Cut Pro, a video editing software from Apple, which contained an unauthorized modification. to download

Cryptocurrency 107

Cryptocurrency Malware Internet Internet 107

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. ” Once inside of a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell.

Antivirus 363

Antivirus Hacking Software Government 363

SecureList

JANUARY 13, 2022

The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure. Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. Malware infection.

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Krebs on Security

SEPTEMBER 5, 2023

Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults. “The victim profile remains the most striking thing,” Monahan wrote.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

Security Affairs

APRIL 3, 2021

Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. Such kind of attacks was reported at least since the end of 2020, when some software developers reported the malicious activity on their repositories. Pierluigi Paganini.

Cryptocurrency 144

Cryptocurrency Accountability Software Engineering 144

Security Affairs

MAY 4, 2025

When the malware was successful, the ransomware then created a ransom note on the victims system that directed the victim to send $10,000 worth of Bitcoin to a cryptocurrency address controlled by a co-conspirator and to send proof of this payment to a Black Kingdom email address.”

Ransomware 115

Ransomware Encryption VPN Malware 115

Security Affairs

JULY 22, 2024

Huntress researchers observed the JavaScript downloader malware SocGholish (aka FakeUpdates ) that is being used to deliver remote access trojan AsyncRAT and the legitimate open-source project BOINC (Berkeley Open Infrastructure Network Computing Client). ” reads the report published by Huntress.

Malware 141

Malware Cryptocurrency Hacking Software 141

Schneier on Security

NOVEMBER 28, 2022

In one, the researcher explained they had installed antivirus software and performed a disk cleanup to “remove multiple viruses on the device.” All were free of malware and other defects and in perfect working condition with one exception: the audio driver was disabled. The laptops were freshly imaged Windows 10 laptops.

Antivirus 362

Antivirus Cryptocurrency Accountability Malware 362

Security Affairs

AUGUST 23, 2024

Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. Cthulhu Stealer targets macOS users via an Apple disk image (DMG) that disguises itself as legitimate software. The malware also gathers system info, including IP address and hardware/software information.

Malware 131

Malware Passwords Cryptocurrency Software 131

Security Affairs

OCTOBER 4, 2024

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbed perfctl malware, that over the past 3-4 years targeted misconfigured Linux servers. ” reads the report.

Malware 136

Malware Cryptocurrency Encryption Software 136