Researchers have discovered a new malware family that uses a set of eight exploits to compromise web servers, network drives and removable drives. Dubbed BlackSquid, the malware has been observed dropping XMRig cryptominer programs, but attackers could easily use it to deliver other nasty payloads to infected devices, as well as obtain unauthorized access, escalate…
Cybercriminals are abusing the Yandex.Direct online advertising service in order to serve up malicious ads that target Russian accountants with the goal of infecting them with banking trojans and ransomware. Researchers from ESET have so far linked six malware programs to this campaign, which began in October and continues to this day. During periods of…
Malicious actors have been serving up GandCrab ransomware and a variant of AESDDoS Botnet malware by exploiting a recently patched vulnerability in two “Confluence” team collaboration products from Australia-based Atlassian. GandCrab is a malicious encryption program that first emerged in early 2018, while the AESDDoS variant is a more versatile program capable of remote code…
Researchers have discovered a previously unknown, file-based cryptominer worm that has been heavily targeting enterprises based in Asia. The researchers, from Symantec Corporation’s Security Response Attack Investigation Team, believe this latest threat perpetuates what they describe as a recent trend in cryptojacking: focusing on large business and organizations rather than consumers. Dubbed Beapy, the Python-based…
Two Romanian nationals were convicted in an Ohio federal court on Thursday for their roles in the Bayrob group, an organization that launched a multi-million-dollar cybercriminal operation fueled by its own proprietary malware. Bogdan Nicolescu, 36, and Radu Miclaus, 37, were found guilty on separate 21 counts for developing and spreading the Bayrob trojan, which…
A pair of Israeli financial technology companies were recently the target of a malware campaign featuring an updated version of the rarely seen Cardinal remote access trojan, researchers from Palo Alto Networks’ Unit 42 team are reporting. And in a possibly related incident, one of the two unnamed companies was similarly attacked with EVILNUM, a…
A new Monero cryptomining campaign has been detected in the wild being spread and operating in a manner more consistent with ransomware and other attacks that retain a level of persistence than has been seen before. Check Point researchers said these mining operations have been on-going since mid-January using two specific trojans, Trojan.Win32.Fsysna and an…
Google’s Play Store unknowingly hosted a fake cryptocurrency app that actually modifies users’ crypto wallet addresses once they’re copied to the clipboard, researchers are reporting. This Android-based “clipper” malware, as it’s called, secretly changes the wallet address to one hosted by the attackers, allowing them to steal victims’ digital coin transactions, explains ESET researcher Lukas…
Prosecutors in California have reportedly won what they believe to be the first-ever conviction for the act of SIM hijacking. Joel Ortiz, a 20-year-old college student from Boston, pleaded guilty in a Santa Clara County courtroom last month to stealing over $5 million in cryptocurrency after taking over the phone numbers of roughly 40 individuals…
Cybercriminals are using a new malware targeting Macs and the Chrome browser designed to steal all the information necessary to break into cryptocurrency exchanges and their victim’s digital wallets. This malware, an offshoot of OSX.DarthMiner, has a wide range of abilities, reported Palo Alto’s Unit 42. These skills include the ability to steal browser cookies…
