Malware and Marketing - Cyber Security Informer

Pakistan Arrests 21 in ‘Heartsender’ Malware Service

Krebs on Security

MAY 28, 2025

Authorities in Pakistan have arrested 21 individuals accused of operating “ Heartsender ,” a once popular spam and malware dissemination service that operated for more than a decade. Some of the core developers and sellers of Heartsender posing at a work outing in 2021.

Malware

Malware Cybercrime Antivirus Scams

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA. .

Marketing

Marketing Energy and Utilities Malware Ransomware

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. RedBear’s profile on the Russian-language xss[.]is

Malware

Malware Cybercrime Ransomware Marketing

SK Telecom revealed that malware breach began in 2022

Security Affairs

MAY 20, 2025

It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its network. In April, SK Telecom reported that threat actors gained access to USIM-related information for customers following a malware attack. million users affected by a malware breach that exposed sensitive data. .

Malware

Malware Mobile Data breaches Wireless

Google Chrome AI extensions deliver info-stealing malware in broad attack

Malwarebytes

JANUARY 9, 2025

Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates.

Malware

Malware Small Business Artificial Intelligence VPN

Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack

Penetration Testing

MAY 22, 2025

The Genesis Market, a notorious dark web marketplace dismantled by law enforcement in early 2023, appears to return. The post Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack appeared first on Daily CyberSecurity.

Marketing

Marketing Cybersecurity Phishing Cybercrime

Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and "Operation Cookie Monster"

Troy Hunt

APRIL 5, 2023

And in turn, the criminals adapt, which brings us to Genesis Market. The FBI approached me and asked if HIBP could be used as a mechanism to help warn victims of their exposure in the same way as we'd previously done with the Emotet malware a couple of years ago. Until this week, Genesis had been up and running for 4 years.

Marketing

Marketing Passwords Authentication Accountability

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

Security Affairs

FEBRUARY 24, 2025

CYFIRMA researchers discovered that the SpyLend Android malware was downloaded 100,000 times from the official app store Google Play. CYFIRMA researchers discovered an Android malware, named SpyLend, which was distributed through Google Play as Finance Simplified. ” reads the report published by CYFIRMA.

Malware

Malware Marketing Hacking Mobile

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware

Malware Cybersecurity Cyber threats Threat Detection

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

DECEMBER 3, 2024

A study on phishing data released by Interisle Consulting finds that new gTLDs introduced in the last few years command just 11 percent of the market for new domains, but accounted for roughly 37 percent of cybercrime domains reported between September 2023 and August 2024. Image: Shutterstock.

Cybercrime

Cybercrime Phishing Accountability Internet

Russia's COLDRIVER Targets Western Entities with 'LOSTKEYS' Malware

SecureWorld News

MAY 9, 2025

Google's Threat Intelligence Group (GTIG) has identified a new malware strain, dubbed "LOSTKEYS," attributed to the Russian state-sponsored hacking group COLDRIVER. The introduction of LOSTKEYS signifies a strategic shift towards deploying malware for direct data exfiltration.

Malware

Malware Social Engineering Engineering Government

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

Shefel asserts he and his team were responsible for developing the card-stealing malware that Golubov’s hackers installed on Target and Home Depot payment terminals, and that at the time he was technical director of a long-running Russian cybercrime community called Lampeduza. “I’m also godfather of his second son.”

Retail

Retail Advertising Cryptocurrency Marketing

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware

Malware Identity Theft Cybercrime Accountability

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015.

Phishing

Phishing Cybercrime Advertising Malware

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. Several former customers of his took to Hackforums[.]net

Malware

Malware Advertising Marketing System Administration

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

According to the market share website statista.com , booking.com is by far the Internet’s busiest travel service, with nearly 550 million visits in September. In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re

Malware

Malware Cybercrime Internet Internet

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

The Hacker News

NOVEMBER 14, 2023

The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early October 2023, targeting marketing professionals in India with an aim to hijack Facebook business accounts. "An

Marketing

Marketing Malware Accountability

New ReaderUpdate malware variants target macOS users

Security Affairs

MARCH 26, 2025

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. The malware maintains persistence via a.plist file.

Malware

Malware Adware Antivirus Marketing

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware

Malware Passwords Accountability Advertising

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware.

Malware

Malware Cybercrime Software Accountability

Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes

Tech Republic Security

MARCH 17, 2022

A new Android mobile malware dubbed Escobar has hit the cybercrime underground market. The post Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes appeared first on TechRepublic. Read more about it and see how to protect yourself from this threat.

Mobile

Mobile Banking Malware Cybercrime

Empire Market owners charged with operating $430M dark web marketplace

Security Affairs

JUNE 17, 2024

Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. currency on AlphaBay before starting Empire Market. “They began operating Empire Market on Feb. “They began operating Empire Market on Feb.

Marketing

Marketing Cryptocurrency DDOS Scams

How Phishers Are Slinking Their Links Into LinkedIn

Krebs on Security

FEBRUARY 3, 2022

At issue is a “redirect” feature available to businesses that chose to market through LinkedIn.com. Here’s the very first Slink created: [link] which redirects to the homepage for LinkedIn Marketing Solutions. A recent phishing site that abused LinkedIn’s marketing redirect. Image: Urlscan.io.

Phishing

Phishing Marketing Scams Accountability

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

The Hacker News

MARCH 5, 2024

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware.

Marketing

Marketing Malware

German police seized the dark web marketplace Kingdom Market

Security Affairs

DECEMBER 20, 2023

The German police seized the dark web marketplace Kingdom Market as a result of an international law enforcement operation. The Kingdom Market was established in March 2021, the offer of the dark web marketplace included drugs, malware, stolen data, and forged documents.

Marketing

Marketing Cryptocurrency Accountability Banking

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Krebs on Security

MAY 30, 2019

Federal Communications Commission (FCC), executed a search warrant in tandem with the Royal Canadian Mounted Police (RCMP) at the home of a Toronto software developer behind the Orcus RAT , a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015.

Computers and Electronics

Computers and Electronics Malware Software Telecommunications

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing

Manufacturing Spyware Surveillance Marketing

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware

Malware VPN Internet Internet

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Krebs on Security

NOVEMBER 28, 2022

But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan , malware designed to surreptitiously intercept and forward text messages from Android mobile devices. ” wherein Shmakov acknowledged writing the malware as a freelance project.

Mobile

Mobile Malware Technology Government

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

These include ransomware targeting backend servers, distributed denial of service (DDoS) attacks, destructive malware, and even weaponizing charging stations to deploy malware. He told Last Watchdog that apart from conventional attacks, such as data theft and vehicle theft, much more worrisome types of attacks are emerging.

Malware

Malware Manufacturing IoT Software

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

Info-stealers like RedLine typically are deployed via opportunistic email malware campaigns, and by secretly bundling the trojans with cracked versions of popular software titles made available online. In June 2023, the FBI seized the BreachForums domain name , but the forum has since migrated to a new domain.

Cybercrime

Cybercrime Passwords Authentication Malware

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

The accused allegedly developed and marketed a series of cryptocurrency applications that were advertised as tools to help people manage their crypto holdings. In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed.

Cryptocurrency

Cryptocurrency Financial Services Banking Government

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware

Malware Spyware Banking Ransomware

Understanding Malware-as-a-Service

SecureList

JUNE 15, 2023

Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community. A MaaS operator is typically a team consisting of several people with distinct roles.

Malware

Malware Ransomware Cybercrime Hacking

Phishers are Angling for Your Cloud Providers

Krebs on Security

AUGUST 30, 2019

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. On August 21, multiple United Rental customers reported receiving invoice emails with booby-trapped links that led to a malware download for anyone who clicked.

Phishing

Phishing Marketing Accountability DNS

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

Each day, millions of malware-laced emails are blasted out containing booby-trapped attachments. From there, the infected system will report home to a malware control server operated by the spammers who sent the missive. ” WHO IS DR. . ” WHO IS DR. SAMUIL?

Cybercrime

Cybercrime Malware VPN Ransomware

Robocall Legal Advocate Leaks Customer Data

Krebs on Security

AUGUST 3, 2020

The Blacklist Alliance provides technologies and services to marketing firms concerned about lawsuits under the Telephone Consumer Protection Act (TCPA), a 1991 law that restricts the making of telemarketing calls through the use of automatic telephone dialing systems and artificial or prerecorded voice messages.

Mobile

Mobile Marketing Consumer Protection Wireless

Android malware, Android malware and more Android malware

SecureList

MARCH 20, 2024

Introduction Malware for mobile devices is something we come across very often. million malware, adware, and riskware attacks on mobile devices. Last month, we wrote a total of four private crimeware reports on Android malware, three of which are summarized below. Their products were primarily intended for the Russian market.

Malware

Malware Mobile Firmware Spyware

Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Security Affairs

FEBRUARY 11, 2025

Sucuri researchers found threat actors using Google Tag Manager (GTM) to deploy e-skimmer malware on a Magento eCommerce site. Google Tag Manager (GTM) is a free tool that lets website owners manage marketing tags without modifying site code, simplifying analytics and ad tracking. ” Sucuri concludes.

eCommerce

eCommerce Malware Marketing Hacking

DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare

Security Boulevard

JANUARY 28, 2025

With AI-driven automation at its disposal, China can rapidly scale its cyberattacks, embedding malware, manipulating financial markets, and eroding trust in global AI [] The post DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel Chinas Cyberwarfare appeared first on CISO Global.

Marketing

Marketing CISO Surveillance Government

AMOS and Lumma stealers actively spread to Reddit users

Malwarebytes

MARCH 18, 2025

These two malware families have wreaked havoc, pillaging victims’ personal data and enabling their distributors to make substantial gains, mostly by taking over cryptocurrency wallets. Double zipped malware Both Mac and Windows files are double zipped, with the final zip being password protected.

Cryptocurrency

Cryptocurrency Malware Scams Antivirus

TEMU sued for being “dangerous malware” by Arkansas Attorney General

Malwarebytes

JUNE 28, 2024

Temu purports to be an online shopping platform, but it is dangerous malware, surreptitiously granting itself access to virtually all data on a user’s cellphone.” But according to reporting last year from Wired , Temu’s low prices are easy to decipher—Temu itself is losing millions of dollars to break into the US market.

Malware

Malware Manufacturing Spyware Mobile

Pakistan Arrests 21 in ‘Heartsender’ Malware Service

Actions Target Russian Govt. Botnet, Hydra Dark Market

Trending Sources

This Service Helps Malware Authors Fix Flaws in their Code

SK Telecom revealed that malware breach began in 2022

Google Chrome AI extensions deliver info-stealing malware in broad attack

Dark Web Alert: Genesis Market Returns with Stealthy Browser Extension Attack

Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and "Operation Cookie Monster"

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

Why Phishers Love New TLDs Like.shop,top and.xyz

Russia's COLDRIVER Targets Western Entities with 'LOSTKEYS' Malware

An Interview With the Target & Home Depot Hacker

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Orcus RAT Author Charged in Malware Scheme

Booking.com Phishers May Leave You With Reservations

No SOCKS, No Shoes, No Malware Proxy Services!

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

New ReaderUpdate malware variants target macOS users

Giving a Face to the Malware Proxy Service ‘Faceless’

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes

Empire Market owners charged with operating $430M dark web marketplace

How Phishers Are Slinking Their Links Into LinkedIn

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

German police seized the dark web marketplace Kingdom Market

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Who and What is Behind the Malware Proxy Service SocksEscort?

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

FBI Hacker Dropped Stolen Airbus Data on 9/11

U.S. Indicts North Korean Hackers in Theft of $200 Million

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Understanding Malware-as-a-Service

Phishers are Angling for Your Cloud Providers

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Robocall Legal Advocate Leaks Customer Data

Android malware, Android malware and more Android malware

Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare

AMOS and Lumma stealers actively spread to Reddit users

TEMU sued for being “dangerous malware” by Arkansas Attorney General

Stay Connected