SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. When we wrote this prediction, we were mainly thinking about a continuation of all the malicious activities targeting VPN appliances. Let’s start by looking at the predictions we made for 2021.

Mobile 139

Mobile Surveillance Ransomware Government 139

Identity IQ

FEBRUARY 8, 2024

But the dark web is also associated with illegal activities including the trafficking of drugs, weapons, and illegal pornography, hacking and cybercrime, terrorism, and the sale of stolen data or personal information. Surveillance and monitoring initiatives that enable authorities to track and identify individuals on the dark web.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

Security Boulevard

JANUARY 28, 2022

Basic OTR Protocol Overview in the context of the global growing cybercrime trend. It should be worth pointing out over 98% of Russian and Eastern European cybercrime-friendly propositions actively rely on the use of public and private proprietary Jabber-based servers and active OTR (Off-the-Record) type of communications.

Encryption 103

Encryption Cybercrime Social Engineering Mobile 103

Krebs on Security

MARCH 29, 2022

In a blog post about their recent hack, Microsoft said LAPSUS$ succeeded against its targets through a combination of low-tech attacks, mostly involving old-fashioned social engineering — such as bribing employees at or contractors for the target organization. ” The price: $100 to $250 per request.

Accountability 275

Accountability Government Hacking Social Engineering 275

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. These variants go beyond Ligolo’s standard functionality and attempt to emulate VPN solutions from Cisco and Palo Alto. We have also seen a campaign from a newly discovered threat actor, BadRory.

Government 118

Government Malware VPN Manufacturing 118

SecureList

APRIL 27, 2021

The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). The group’s operations were exposed in 2018, showing that it was conducting surveillance attacks against individuals in the Middle East. Final thoughts.

Malware 143

Malware Spyware Government Social Engineering 143

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. Final thoughts.

Malware 144

Malware Government Surveillance Spyware 144