cyber crime – Page 9 – Search.AI.Wiki

Police dismantled bulletproof hosting service provider Lolek Hosted

A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted.

Lolek Hosted is a bulletproof hosting service provider used to facilitate the distribution of information-stealing malware, and also to launch DDoS …

Power Generator in South Africa hit with DroxiDat and Cobalt Strike

Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure.

Researchers from Kaspersky’s Global Research and Analysis Team (GReAT) reported that an unknown threat actor used a new variant of the …

Gafgyt botnet is targeting EoL Zyxel routers

Researchers warn that the Gafgyt botnet is actively exploiting a vulnerability impacting the end-of-life Zyxel P660HN-T1A router.

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel …

Gafgyt botnet is targeting EoL Zyxel routers

Researchers warn that the Gafgyt botnet is actively exploiting a vulnerability impacting the end-of-life Zyxel P660HN-T1A router.

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel …

Balada Injector still at large – new domains discovered

The Balada Injector is still at large and still evading security software by utilizing new domain names and using new obfuscation.

During a routine web monitoring operation, we discovered an address that led us down a rabbit hole of WordPress-orientated …

EvilProxy used in massive cloud account takeover scheme

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations

EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises …

EvilProxy used in massive cloud account takeover scheme

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

The LockBit ransomware group threatens to leak medical data of cancer patients stolen from Varian Medical Systems.

The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer …

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

The LockBit ransomware group threatens to leak medical data of cancer patients stolen from Varian Medical Systems.

The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer …

A new sophisticated SkidMap variant targets unsecured Redis servers

A new campaign targets Redis servers, this time the malware employed in the attacks is a new variant of the SkidMap malware.

Skidmap is a piece of crypto-miner detected by Trend Micro in September 2019 while it was targeting Linux …

FBI warns of crooks posing as NFT developers in fraudulent schema

The FBI is warning about cyber criminals masquerading as NFT developers to steal cryptocurrency and other digital assets.

The U.S. Federal Bureau of Investigation (FBI) is warning about cyber criminals posing as legitimate NFT developers in fraud schemes designed to …

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

A married couple from New York pleaded guilty this week to laundering billions of dollars stolen from Bitfinex in 2016.

The couple pleaded guilty to money laundering charges in connection with the hack of the cryptocurrency stock exchange Bitfinex that …

Attackers use dynamic code loading to bypass Google Play store’s malware detections

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store.

Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented …

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets.

Palo Alto Network Unit 42 discovered a previously unreported phishing campaign that distributed a Python variant of the NodeStealer. The malicious code was …

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Threat actors behind …

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Threat actors behind …

Experts discovered a previously undocumented initial access vector used by P2PInfect worm

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector.

In July, Palo Alto Networks Unit 42 researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers …

Now Abyss Locker also targets VMware ESXi servers

A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn.

The operators behind the Abyss Locker developed a Linux variant that targets VMware ESXi servers expanding their potential targets.

VMware …

Now Abyss Locker also targets VMware ESXi servers

A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn.

The operators behind the Abyss Locker developed a Linux variant that targets VMware ESXi servers expanding their potential targets.

VMware …

CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency

Crypto-payments service provider CoinsPaid suffered a cyber attack that resulted in the theft of $37,200,000 worth of cryptocurrency.

CoinsPaid, a crypto-payment service provider, fell victim to a cyber attack, leading to the theft of $37,200,000 worth of cryptocurrency.

The company …