Security Affairs

MAY 1, 2025

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.

Malware 85

Malware Phishing Telecommunications Antivirus 85

Security Affairs

JUNE 11, 2025

.” As part of Operation Secure, Vietnamese police arrested 18 suspects and seized cash, SIMs, and documents tied to a scheme selling corporate accounts. Meanwhile, Hong Kong Police analyzed over 1,700 intel items from INTERPOL, uncovering 117 command-and-control servers used for phishing, fraud, and social media scams.

Cybercrime 52

Cybercrime Data collection Scams Cyber threats 52

Security Affairs

JANUARY 30, 2025

An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. and Nulled.to.”

Cybercrime 61

Cybercrime Hacking Cryptocurrency Phishing 61

Krebs on Security

AUGUST 19, 2021

. “According to this actor, he had originally intended to send his targets—all senior-level executives—phishing emails to compromise their accounts, but after that was unsuccessful, he pivoted to this ransomware pretext,” Hassold wrote. billion in 2020. Image: FBI. ” Image: Sophos. – Canada. – Australia.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Krebs on Security

NOVEMBER 22, 2021

. “According to this actor, he had originally intended to send his targets—all senior-level executives—phishing emails to compromise their accounts, but after that was unsuccessful, he pivoted to this ransomware pretext,” Abnormal’s Crane Hassold wrote. Source: FBI/IC3 2020 Internet Crime Report.

Scams 332

Scams Cybercrime Banking Identity Theft 332

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The operation was first documented on OSINT Fans by Gabor Szathmari in October 2020.

Phishing 143

Phishing Cybercrime Advertising Hacking 143

SecureList

MARCH 24, 2022

What are phishing kits? One of the most common tricks scammers use in phishing attacks is to create a fake official page of a famous brand. Even phishing page domain name can often look like the real web address of a certain brand, as cybercriminals include the name of the company or service they are posing as in the URL.

Phishing 143

Phishing Marketing Banking Technology 143

Krebs on Security

JANUARY 30, 2024

” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. On July 28 and again on Aug. According to an Aug.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

MAY 24, 2019

NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. He said anyone who knew the URL for a valid document at the Web site could view other documents just by modifying a single digit in the link.

Insurance 279

Insurance Banking Identity Theft Scams 279

eSecurity Planet

APRIL 8, 2025

A new and dangerous AI-powered hacking tool is making waves across the cybercrime underworld and experts say it could change the way digital attacks are launched. Xanthorox vision can analyze images and screenshots to extract sensitive data or interpret visual content useful for cracking passwords or reading stolen documents.

Social Engineering 109

Social Engineering Phishing Engineering Cyber threats 109

Security Affairs

MARCH 14, 2023

Microsoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime ecosystem Adversary-in-the-middle (AiTM) phishing kits are becoming an essential technology in the cybercrime ecosystem that is used by multiple threat actors to launch phishing attacks.

Phishing 98

Phishing Cybercrime Authentication Advertising 98

Security Affairs

MAY 5, 2021

A new cybercrime gang, tracked as UNC2529 , has targeted many organizations in the US and other countries using new sophisticated malware. The group targeted the organization with phishing attacks aimed at spreading at least three new sophisticated malware strains. The post UNC2529, a new sophisticated cybercrime gang that targets U.S.

Cybercrime 135

Cybercrime Malware Manufacturing Retail 135

Security Affairs

MARCH 31, 2025

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Armageddon , Primitive Bear , ACTINIUM , Callisto ) targets Ukraine with a phishing campaign. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a.

Phishing 112

Phishing Antivirus Encryption Hacking 112

SecureWorld News

JANUARY 30, 2025

In a coordinated international effort, law enforcement agencies from the United States, Europe, and Australia have dismantled Cracked and Nulled, two of the world's largest cybercrime marketplaces. By dismantling these two major forums, law enforcement agencies have disrupted a global supply chain of cybercrime tools.

Cybercrime 112

Cybercrime Identity Theft Hacking Cryptocurrency 112

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software 320

Software Phishing Cybercrime Accountability 320

Security Affairs

AUGUST 12, 2021

Microsoft warns of a long-running spear-phishing campaign that has targeted Office 365 customers in multiple attacks since July 2020. Microsoft revealed that a year-long spear-phishing campaign has targeted Office 365 customers in multiple attacks starting with July 2020. SecurityAffairs – hacking, cybercrime). com , or api[.]statvoo[.]com

Phishing 128

Phishing Passwords Encryption Cybercrime 128

Malwarebytes

JUNE 8, 2021

Sometimes, it’s used even if an attack being discussed is a basic phish, or maybe some very generic malware. A Latvian woman has been charged for their alleged role in a transnational cybercrime organisation. As touched on above, the group hired experts in a variety of cybercrime fields. What happened this week, you ask?

Cybercrime 133

Cybercrime Malware Banking Phishing 133

Malwarebytes

JULY 19, 2022

A new phishing campaign targeting PayPal users aims to get extensive data from potential victims. The data it’s after includes government documents like passport, as well as selfie photos. PayPal phishing sites are a dime a dozen due to the number of people and companies using it as another form of payment method.

Phishing 127

Phishing Social Engineering Accountability Engineering 127

Schneier on Security

JANUARY 28, 2021

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware.

Malware 255

Malware Phishing Ransomware Cybercrime 255

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. com”, which is a free online scanner.

Phishing 131

Phishing Cybercrime Manufacturing Hacking 131

SecureWorld News

FEBRUARY 18, 2021

In court documents unsealed this week, the United States Department of Justice revealed its hand to show new evidence. The unsealed documents highlight a number of attack targets and motives in an effort to hack, digitally intrude, and defraud. The list goes on. Demers of the DOJ's National Security Division. global targets.

Hacking 109

Hacking Cryptocurrency Computers and Electronics Banking 109

Malwarebytes

MAY 8, 2025

We discovered a new phishing kit targeting payroll and payment platforms that aims to not only steal victims’ credentials but also to commit wire fraud. Clicking on the ad sent employees and employers to a phishing website impersonating Deel. Phishing portal and 2FA The first phishing domain we saw was login-deel[.]app

Phishing 112

Phishing Authentication Engineering Banking 112

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Subject lines included “your document” and “photo of you???”. Phishing Reporting : Report phishing emails and other malicious cyber activities to relevant authorities like the FBI’s IC3 and the NJCCIC.

Phishing 132

Phishing Ransomware Security Awareness Authentication 132

Schneier on Security

FEBRUARY 7, 2023

In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.

Malware 284

Malware Phishing Cybercrime 284

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 126

Phishing Advertising Cryptocurrency Encryption 126

Security Affairs

JULY 8, 2022

. “The systematic attacks observed against Ukraine include reported and suspected phishing attacks against Ukrainian state authorities, Ukrainian individuals and organizations, and the general population.” In some of the attacks, threat actors used an Excel document named Nuclear.xls, suggesting an alarming lure.

Cybercrime 115

Cybercrime Malware DDOS Ransomware 115

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:?

Phishing 102

Phishing Cybercrime Ransomware Encryption 102

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime 98

Cybercrime Malware Phishing Internet 98

The Last Watchdog

SEPTEMBER 28, 2022

Phishing attacks are nothing new, but scammers are getting savvier with their tactics. Other Iranian-based cyberattacks have included hackers targeting Albanian government systems and spear phishing scams. Here are four new phishing trends keeping businesses on their toes. Spear phishing. Phishing via texting.

Phishing 124

Phishing Scams Cybercrime Passwords 124

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. The history of scams and phishing. The term “phishing” was coined back in 1996, when cybercriminals attacked users of America Online (AOL), the largest internet provider at that time. Phishing site with chat support.

Scams 135

Scams Phishing Social Engineering Banking 135

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays. In one documented call reported by Resecurity, the victim was contacted by an individual with an Indian accent and background noise typical of call centers.

Social Engineering 111

Social Engineering Phishing Banking DNS 111

SecureList

JUNE 26, 2023

TOP 10 threats for SMBs, January-May 2022 ( download ) TOP 10 threats for SMBs, January-May 2023 ( download ) Cybercriminals attempt to deliver this and other malware and unwanted software to employees’ devices by using any means necessary, such as vulnerability exploitation, phishing e-mails and fake text messages.

Cybercrime 124

Cybercrime Phishing Banking Malware 124

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 316

Hacking Malware Ransomware Government 316

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. In the documented attack, once the backdoor is deployed, UNC2465 interactively established an NGROK tunnel and performed lateral movements in less than 24 hours. Pierluigi Paganini.

Cybercrime 111

Cybercrime Ransomware Software Antivirus 111

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Secure web- phishing. In the first six months of 2020, CERT-GIB blocked a total of 9 304 phishing web resources, which is an increase of 9 percent compared to the previous year.

Phishing 136

Phishing Ransomware Spyware Banking 136

Malwarebytes

JULY 19, 2022

This data includes identification documents, spreadsheets related to Roblox creators, and various email addresses. At time of writing, there’s no specifics with regard to the “identification documents” This could mean driving licence, passport, employee ID scan…we simply don’t know at the moment.

Accountability 98

Accountability Phishing Hacking Ransomware 98