БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 19

Feb 24, 2024

Pharmacies nationwide face delays as health-care tech company reports cyberattack

Posted by in categories: cybercrime/malcode, health

A leading health-care technology company is experiencing a network outage due to a “cyber security issue,” pausing prescription services at pharmacies nationwide.

Feb 20, 2024

Anatsa Android malware downloaded 150,000 times via Google Play

Posted by in categories: cybercrime/malcode, finance, mobile phones

The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play.

Over the past four months, security researchers noticed five campaigns tailored to deliver the malware to users in the UK, Germany, Spain, Slovakia, Slovenia, and the Czech Republic.

Researchers at fraud detection company ThreatFabric noticed an increase of Anatsa activity since November, with at least 150,000 infections.

Feb 20, 2024

Cactus ransomware claim to steal 1.5TB of Schneider Electric data

Posted by in categories: business, cybercrime/malcode, robotics/AI, sustainability

The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company’s network last month.

25MB of allegedly stolen were also leaked on the operation’s dark web leak site today as proof of the threat actor’s claims, together with snapshots showing several American citizens’ passports and non-disclosure agreement document scans.

As BleepingComputer first reported, the ransomware group gained access to the energy management and automation giant’s Sustainability Business division on January 17th.

Feb 19, 2024

FBI, UK Crime Agency Say They Have Disrupted LockBit Cyber Gang

Posted by in categories: cybercrime/malcode, law enforcement

A coalition of international law enforcement agencies, including the FBI and UK National Crime Agency, said they have disrupted LockBit, one of the most prolific hacker groups of all time, including shutting down websites the organization used for ransomware payments.

Feb 17, 2024

China worries less about US cyberattacks, but frets over India

Posted by in categories: cybercrime/malcode, government, military

According to a Chinese security expert, a significant number of attacks actually originate from countries in South Asia.


One India-based group of hackers, known as ‘Bitter’, has used various methods to target government, military and nuclear sectors.

Feb 17, 2024

Microsoft, OpenAI reveal state-sponsored cybercrime tactics using AI

Posted by in categories: cybercrime/malcode, robotics/AI

The fourth group is Curium, an Iranian group that has used LLMs to generate phishing emails and code to evade antivirus detection. Chinese state-affiliated hackers have also used LLMs for research, scripting, translations, and refining their tools.

Fight AI with AI

Microsoft and OpenAI say they have not detected any significant attacks using LLMs yet, but they have been shutting down all accounts and assets associated with these groups. “At the same time, we feel this is important research to publish to expose early-stage, incremental moves that we observe well-known threat actors attempting, and share information on how we are blocking and countering them with the defender community,” says Microsoft.

Feb 16, 2024

Cybergang DarkGate Uses CAPTCHA to Spread Malware

Posted by in categories: cybercrime/malcode, law

This post is also available in: he עברית (Hebrew)

HP Wolf Security’s latest threat insights disclosure put a spotlight on DarkGate – a group of web-based criminals using legal advertising tools to enhance their spam-based malware attacks.

The security report claims DarkGate has been operating as a malware provider since 2018, with an apparent shift in tactics last year of using legitimate advertisement networks “to track victims and evade detection.” The claims are that by using ad services, threat actors can analyze which lures generate clicks and infect the most users – helping them refine campaigns for maximum impact.

Feb 14, 2024

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

Posted by in categories: cybercrime/malcode, finance

Hackers are exploiting a ZERO-DAY flaw in Microsoft Defender SmartScreen to deliver DarkMe malware. This sophisticated attack can steal your data and give hackers access to your financial accounts.

Feb 13, 2024

PikaBot Resurfaces with Streamlined Code and Deceptive Tactics

Posted by in category: cybercrime/malcode

The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of “devolution.”

“Although it appears to be in a new development cycle and testing phase, the developers have reduced the complexity of the code by removing advanced obfuscation techniques and changing the network communications,” Zscaler ThreatLabz researcher Nikolaos Pantazopoulos said.

PikaBot, first documented by the cybersecurity firm in May 2023, is a malware loader and a backdoor that can execute commands and inject payloads from a command-and-control (C2) server as well as allow the attacker to control the infected host.

Feb 11, 2024

Hackers Steal $25 Million by Deepfaking Finance Boss

Posted by in categories: cybercrime/malcode, finance

A multinational company was scammed out of $25.6 million by hackers who fooled employees at the company’s Hong Kong branch into believing their digital recreation of its chief financial officer — as well as several other video conference participants — were real.

The hack, believed to be the first of its kind, highlights just how far deepfake technology has progressed.

As the South China Morning Post reports, scammers are believed to have used publicly available footage to create deepfake representations of the staff. Some of the fake video calls apparently only had a single human on the line, with the rest being deepfakes created by the hackers.

Page 19 of 216First1617181920212223Last