Cybercrime | SC Media

Cybercrime

LeBron James among the 1st stars to have their stolen law firm files put up for auction

The Sodinokibi/REvil ransomware gang has apparently made good on its threat to auction off files it lifted from celebrity law firm Grubman Shire Meiselas & Sacks. The group on July 1 reportedly placed legal documents corresponding to Nicki Minaj, Mariah Carey and LeBron James up for bid, with the starting price set at $600,000 per…

NetWalker ransomware group claims attack on Fort Worth transportation agency

Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs. Trinity Metro…

Report accuses China of extensive mobile spyware use to track ethnic minority group

A new blog post and research report from the Lookout Threat Intelligence Team has exposed the lengths to which a reputed Chinese government-sponsored APT operation has allegedly gone to track the country’s Uyghur minority population, including the trojanization of mobile apps with surveillanceware. Lookout details four spyware families — SilkBean, DoubleAgent, CarbonSteal and GoldenEagle —…

‘GoldenSpy’ tax software campaign tries to erase evidence of malware

The actors behind a campaign to spread GoldenSpy malware via tax accounting software used by customers of a Chinese bank have recently attempted to distribute an uninstaller that deletes the backdoor in an apparent attempt to cover up their illicit activities. In a previous company blog post and threat report, Trustwave and its SpiderLabs team identified the accounting software…

OSX.EvilQuest ransomware targets Macs; Ransom X blamed for TxDOT attack

The crowded ransomware market is now home to three newly discovered players that recently gained the attention of security researchers and malware analysts — including one that targets Mac users and another blamed for a recent attack on the Texas Department of Transportation. Dubbed OSX.EvilQuest, the Mac ransomware was observed being distributed on a Russian…

Tax software used by Chinese bank clients installs GoldenSpy backdoor

A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a backdoor granting attackers SYSTEM-level privileges, researchers warn. In a company blog post and more detailed threat report, Trustwave and its SpiderLabs team identified the accounting software as Intelligent Tax, which was reportedly developed by the…

Mobile ransomware disguised as upcoming Canadian Covid-19 contact tracing app

Capitalizing on a Canadian government announcement pertaining to the development of a nationwide, voluntary Covid-19 contact tracing app, malicious actors this month created a fake version of such an app that in reality infects Android users with mobile ransomware. According to a new blog post from ESET, the ransomware, dubbed CryCryptor, was found being distributed…

Ex-CIA exec: Covid-19 has created ideal ‘crisis’ conditions for malicious hackers

Companies trying to stave off business disruption caused by the global Covid-19 pandemic may be ripe for compromise as they introduce new risks in the scramble to maintain business continuity, warned a retired senior CIA executive in a keynote presentation Wednesday at the InfoSec World 2020 digital conference. In essence, the coronavirus has created ideal…

Evil Corp debuts WastedLocker ransomware and new TTPs, researchers say

Researchers have discovered a new ransomware, WastedLocker, that they are attributing with “high confidence” to the Evil Corp cybercriminal gang, two members of which the U.S. Justice Department charged last December with federal hacking and bank fraud crimes. Evil Corp is historically associated with the banking credentials-stealing Zeus trojan and Bugat (aka Dridex) malware, as well as Locky and…

Next post in Security News