Cybercrime | SC Media

Cybercrime

Malware attack rains on Weather Channel’s parade, disrupts live broadcast

By

The Weather Channel is blaming a “malicious software” attack for knocking its live morning broadcast off the air for approximately one hour and 39 minutes today. “We experienced issued with this morning’s live broadcast following a malicious software attack on the network,” reads a tweet issued by the network earlier today. “We were able to…

‘Brazen’ nation-state actors behind ‘Sea Turtle’ DNS hijacking campaign

By

State-sponsored hackers are behind a large-scale DNS hijacking campaign that since January 2017 has been responsible for compromising at least 40 organizations across 13 countries, researchers from Cisco Talos have reported. Primarily targeting the Middle East and North Africa, the attackers are looking to harvest credentials that grant them access to sensitive networks belonging to…

Instagram main

You’re on ‘The Nasty List’ scam looks to steal Instagram credentials

By

A phishing scam is circulating Instagram claiming that users have made “The Nasty List” with the goal of stealing account credentials. The scam is spread via messages sent through hacked accounts claiming the recipients were spotted on the so called NastyList stating something like “OMG your actually on here, @TheNastyList_34, your number is 15! its…

Report: Ecuadorian websites besieged by cyberattacks following Julian Assange’s arrest

By

Since Julian Assange’s arrest and removal from London’s Ecuadorian embassy last week, the websites of Ecuador’s public institutions have been subjected to roughly 40 million cyberattacks, Agence France-Presse reported yesterday. The attacks have primarily originated from the U.S., Brazil, Ecuador itself, and European nations including the Netherlands, Germany, Romania, France, Austria and the UK, said…

Ukraine-Map

Five-year cyber espionage campaign targeting Ukraine potentially linked to Luhansk People’s Republic

By

Researchers believe hackers from the breakaway Luhansk People’s Republic (LPR) may be behind a spear phishing-based malware campaign that’s been actively targeting the Ukrainian government. The researchers, from FireEye, disclosed their assessment following their investigation into a malware-laced email that they were able to tie back to a 2018 phishing campaign designed to to deliver…

Microsoft web mail services breached after support agent’s credentials are compromised

By

Hackers reportedly compromised a Microsoft Corp. support agent’s credentials, allowing them to gain unauthorized access to the company’s various web-based email services, including Outlook, MSN and Hotmail, for at least three months in 2019. This breach exposed not only information pertaining to certain customers’ email accounts, but also in some cases the content of the…

Three apps claiming to improve Instagram exposed as an insta-scam

By

A trio of Android applications that supposedly helped Instagram account owners increase likes and followers, boost security and improve the overall user experience were actually stealing their usernames and passwords, Malwarebytes has reported. The apps, which were designed to target users based in Iran, had been available for download via the Google Play store as…

Two Romanians convicted for roles in Bayrob malware operation

By

Two Romanian nationals were convicted in an Ohio federal court on Thursday for their roles in the Bayrob group, an organization that launched a multi-million-dollar cybercriminal operation fueled by its own proprietary malware. Bogdan Nicolescu, 36, and Radu Miclaus, 37, were found guilty on separate 21 counts for developing and spreading the Bayrob trojan, which…

pokemon

CryptoPokemon ransomware decryptor developed

By

A new ransomware dubbed CryptoPokemon encrypts user files and demands approximately $104 worth of Bitcoin to decrypt the files. CryptoPokemon encrypts files using SHA256 + AES128 and comes with a note containing an email address and website to contact the threat actors  who describe themselves as “valiant support [who] will help you solve this problem.”…

Zeus-in-the-mobile variant uses security firm's name to gain victims' trust

Massive SIM swap fraud leaves traditional 2FA users at risk

By

As two-factor authentication becomes more popular, threat actors have proven once again how this security feature can be exploited if not implemented properly. Kaspersky researchers uncovered large-scale SIM swap fraud operations targeting users in both the Portugese-speaking nations of Brazil and Mozambique were able to use social engineering, bribery,  and simple phishing attacks to ultimately…

Next post in Cybercrime