Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 105

Cybercrime Malware Backups Manufacturing 105

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 213

Malware Antivirus Cybercrime Hacking 213

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims.

Malware 284

Malware Identity Theft Cybercrime Accountability 284

Security Affairs

NOVEMBER 23, 2023

Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign. Atomic Stealer (AMOS) macOS information stealer is now being delivered via a fake browser update chain tracked as ClearFake, Malwarebytes researchers warn.

Social Engineering 113

Social Engineering Passwords Malware Engineering 113

Bleeping Computer

JUNE 18, 2023

A new information-stealing malware named 'Mystic Stealer,' has been promoted on hacking forums and darknet markets since April 2023, quickly gaining traction in the cybercrime community. [.]

Malware 116

Malware Cybercrime Marketing Hacking 116

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Alla Witte’s personal website — allawitte[.]nl

Cybercrime 305

Cybercrime Ransomware Passwords Banking 305

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 197

Malware VPN Internet Internet 197

SecureWorld News

JULY 27, 2023

A new study from Uptycs has uncovered an increase in the distribution of information stealing malware. The 17-page report has a wealth of information, including the impact of stealers, the lifecycle of a stealer, the workflow of a stealer, and statistics around the stealers trending in 2023.

Malware 63

Malware Social Engineering Passwords Spyware 63

Security Affairs

APRIL 27, 2024

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. ” reads the report published by ThreatFabric.

Malware 105

Malware Spyware Authentication Mobile 105

Security Affairs

NOVEMBER 22, 2022

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire.

Cybercrime 93

Cybercrime Malware Cryptocurrency Advertising 93

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. law enforcement agents in connection with various cybercrime investigations. FLATTENING THE CURVE.

Cybercrime 236

Cybercrime DDOS Advertising Hacking 236

SecureWorld News

AUGUST 16, 2023

Having your personal information involved in some type of cybersecurity incident or data breach is never fun. But how would you feel if those same hackers that exposed your information suddenly had theirs exposed? Hudson Rock's research delved deep into the underbelly of the cyber world, focusing on the top 100 cybercrime forums.

Cybercrime 66

Cybercrime Passwords Data collection Data breaches 66

Krebs on Security

MARCH 12, 2020

Recently, however, cybercrooks have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software. As long as this pandemic remains front-page news, malware purveyors will continue to use it as lures to snare the unwary.

Malware 364

Malware Passwords Cybercrime Software 364

Security Affairs

OCTOBER 22, 2023

Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., WithSecure researchers linked the recent attacks using the DarkGate malware to a Vietnamese cybercrime group previously known for the usage of Ducktail stealer. ” reads the report published by WithSecure.

Malware 106

Malware Cybercrime Hacking Information Security 106

Malwarebytes

SEPTEMBER 15, 2023

The report follows the Internet Organized Crime Assessment (IOCTA), Europol’s assessment of the cybercrime landscape and how it has changed over the last 24 months. These groups work closely with other malware-as-a-service groups to compromise high-revenue targets and post huge ransom demands, running into millions of Euros.

Cybercrime 104

Cybercrime Ransomware DDOS Backups 104

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. is cybercrime forum.

Malware 308

Malware Cybercrime Ransomware Marketing 308

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. But on Sept. defense contractors. But on Sept. defense contractors.

Cybercrime 278

Cybercrime Passwords Authentication Malware 278

CyberSecurity Insiders

JUNE 26, 2023

AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. The content of this post is solely the responsibility of the author.

Cybercrime 100

Cybercrime Social Engineering Ransomware Phishing 100

SecureList

JUNE 28, 2023

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.

Malware 133

Malware Cybercrime Phishing Ransomware 133

SecureWorld News

MARCH 29, 2024

Malvertising acts as a vessel for malware propagation. Scammers and malware operators are increasingly adept at mimicking popular brands in their ad snippets, which makes it problematic for the average user to tell the wheat from the chaff. A stepping stone to impactful cybercrime This tactic has tangible real-world implications.

Cybercrime 80

Cybercrime Advertising Engineering Antivirus 80

CyberSecurity Insiders

JANUARY 3, 2023

The use of “wiper” malware will proliferate, erasing data from government and critical infrastructure systems as well as mobile phones. Originally intended to help companies erase data from company devices – a security technology – wiper software has morphed into wiper malware.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

Security Affairs

APRIL 12, 2024

TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware.

Malware 101

Malware Social Engineering Retail Engineering 101

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime 91

Cybercrime Malware Phishing Internet 91

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re

Malware 249

Malware Cybercrime Internet Internet 249

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners. ” concludes the report.

Antivirus 98

Antivirus Malware DNS Cryptocurrency 98

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware 265

Malware Banking Phishing DDOS 265

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 118

Cybercrime Ransomware DDOS Encryption 118

Security Affairs

APRIL 15, 2022

ZingoStealer is a new information-stealer developed by a threat actor known as Haskers Gang who released it for free after they attempted to sell the source code for $500. The cybercrime gang has been active since at least January 2020. SecurityAffairs – hacking, cybercrime). ” concludes the experts. Pierluigi Paganini.

Cybercrime 85

Cybercrime Malware Cryptocurrency Hacking 85

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: spur.us.

Malware 227

Malware Passwords Accountability Advertising 227

CSO Magazine

APRIL 18, 2023

Security researchers warn of a new malware loader that's used as part of the infection chain for the Aurora information stealer. The Aurora infostealer is written in Go and is operated as a malware-as-a-service platform that's advertised on Russian-language cybercrime forums.

Malware 120

Malware Cryptocurrency Cybercrime Advertising 120

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 106

Malware Cryptocurrency Accountability Cybercrime 106

The Hacker News

OCTOBER 20, 2023

A new information stealer named ExelaStealer has become the latest entrant to an already crowded landscape filled with various off-the-shelf malware designed to capture sensitive data from compromised Windows systems.

Cybercrime 107

Cybercrime Malware 107

Identity IQ

MAY 15, 2023

Juice Jacking: The Latest Cyber Threat to Your Personal Information and Devices IdentityIQ Juice jacking, a new cybercrime trend, is targeting people who charge their phones or tablets at public charging stations. To execute juice jacking, cybercriminals install malware or other malicious software on a public charging station.

Cyber threats 94

Cyber threats Identity Theft Malware Insurance 94

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. The INTERPOL published more than 20 notices were published based on information relating to Operation HAECHI-II and identified 10 new fraudulent schemes. Pierluigi Paganini.

Cybercrime 109

Cybercrime Scams Banking Malware 109

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. No other information looked to be compromised in the attack.”

Cybercrime 145

Cybercrime DDOS Hacking Passwords 145

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. Merely checking for known vulnerabilities is insufficient.

Malware 114

Malware Cryptocurrency Encryption Hacking 114

Joseph Steinberg

JUNE 1, 2021

Cybercriminals Are Impersonating Meal-Kit Services In Order To Steal Money And Personal Information. Of course, such websites can also install malware on improperly protected devices used for access. So, if you so subscribe to any meal services, remember to be vigilant – scammers are presently focusing their targets on you.

Artificial Intelligence 290

Artificial Intelligence Scams Retail Phishing 290