Cybercrime | SC Media

Cybercrime

Bird Miner cryptominer targets Macs, emulates Linux

A new cryptominer, dubbed Bird Miner, has been spotted in the wild targeting Mac devices and running via Linux emulation under the guise of a production software tool. Malwarebytes researchers described Bird Miner as “somewhat stealthy” due to its instructions to bail out at multiple points if Activity Monitor is running and because of its…

Phishing campaign impersonates email alerts from DHS

An ongoing email-based phishing scam is attempting to fool recipients into opening malicious attachments disguised as notifications from the U.S. Department of Homeland Security (DHS), according to the Cybersecurity and Infrastructure Security Agency, in a warning posted on the official US-CERT web site this past Tuesday. “The email campaign uses a spoofed email address to…

Making a racket: LoudMiner malware cryptojacks VMs, comes bundled with pirated VST software

Malicious actors are attempting to infect computers running Tiny Core Linux virtual machines with an XMRig-based cryptominer that’s being bundled with pirated copies of Virtual Studio Technology (VST) software applications. Dubbed LoudMiner, the Monero-mining software first appeared in August 2018, and works by abusing virtualization software – QEMU on macOS machines and VirtualBox on Windows devices.…

Ransomware attack on software company ResiDex may have exposed data on assisted-living residents, workers

Personal information belonging to residents and employees of multiple assisted living facilities was potentially exposed in an April 2019 cyberattack that infected third-party software company Tenx Systems, LLC with ransomware. The Minneapolis-based company, which operates under the name ResiDex Software and provides software to assisted-living homes, group facilities and care-giving organizations for seniors and the…

As GandCrab gang prepares to retire, decryptor for v5.2 of ransomware released

The purportedly final version of GandCrab ransomware can now be neutralized with a new decryption tool, made available to the public. This latest decryptor is effective against versions 1, 4 and 5.x up through 5.2. Version 5.2 is the last iteration created by the prolific ransomware’s developers before they announced on a dark web forum…

Twitter takes down thousands of state-affiliated malicious accounts

Twitter shut down nearly 5,000 accounts tied to the Iranian government and is archiving the tweets from the accounts in a public database. The social media platform also took down four Russian accounts linked to the Internet Research Agency (IRA) troll farm, 130 Spanish accounts linked to the Catalan independence movement and 33 Venezuelan accounts also…

AESDDoS botnet malware targets Docker containers

A newly discovered botnet malware exploits an API misconfiguration in the open-source version of the DevOps tool, Docker Engine-Community, to infiltrate containers and run a variant of the Linux botnet malware AESDDoS, according to a Trend Micro blog post. “Docker APIs that run on container hosts allow the hosts to receive all container-related commands that…

Evite hit with data breach

Online invitation company Evite announced it was affected by a data breach involving the unauthorized access of customer information. Evite learned of the incident in April 2019 and upon investigation, learned malicious activity started on February 22, 2019 when the unauthorized party acquired an inactive data storage file associated with the firm’s user accounts, according…
