27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

November 17, 2023 at 06:00AM
An unidentified threat actor has been uploading malware-laden fake Python libraries to the PyPI repository for the past six months. Disguised as legitimate packages, these 27 libraries have attracted thousands of downloads from various countries. The attacker used steganography to hide malicious payloads within innocent-looking image files. The packages included …

U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty

November 15, 2023 at 10:48AM
The U.S. government has taken down the IPStorm botnet proxy network, as the developer behind it, Sergei Makinin, pleaded guilty. The botnet infected Windows, Mac, Linux, and Android devices globally. Makinin could face up to 30 years in prison and has made at least $550,000 from the scheme. The botnet …

Poloniex crypto-exchange offers 5% cut to thieves if they return that $120M they nicked

November 10, 2023 at 01:53PM
Poloniex founder Justin Sun has offered a reward of up to $6.5 million to the hackers who drained $120 million from the cryptocurrency exchange. Sun has given the hackers seven days to return the stolen funds before he engages law enforcement. The attack on Poloniex is the latest in a …

Monero Project admits thieves stole 6-figure sum from a wallet in mystery breach

November 8, 2023 at 06:52AM
Monero Project’s community crowdfunding system (CCS) wallet was drained of 2,675.73 XMR, amounting to around $437,000, in September. The project suspects that the breach is related to ongoing wallet-draining attacks since April. The team is investigating the breach and has taken additional security measures to protect other wallets. Atomic Wallet …

BlueNoroff hackers backdoor Macs with new ObjCShellz malware

November 7, 2023 at 03:36PM
The BlueNorOff threat group, backed by North Korea, has targeted Apple customers with new macOS malware called ObjCShellz. This malware allows the group to open remote shells on compromised devices. BlueNorOff is known for financially motivated attacks on cryptocurrency exchanges and financial organizations worldwide. The malware communicates with a domain …

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

November 4, 2023 at 12:30PM
StripedFly, an advanced strain of malware posing as a cryptocurrency miner, has infected over a million devices globally for the past five years. It utilizes an intricate modular framework supporting both Linux and Windows and employs the EternalBlue SMBv1 exploit to infiltrate systems. The malware incorporates a variety of features, …

Dutch hacker jailed for extortion, selling stolen data on RaidForums

November 3, 2023 at 04:13PM
A Dutch cybersecurity professional, Pepijn Van der Stap, has been sentenced to four years in prison for hacking and blackmailing multiple companies both in the Netherlands and worldwide. He hacked into victims’ computers, engaged in extortion, and laundered at least 2.5 million euros in cryptocurrency. Van der Stap, along with …

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

October 30, 2023 at 07:24AM
The EleKtra-Leak campaign is targeting exposed Amazon Web Services (AWS) identity and access management (IAM) credentials on public GitHub repositories for cryptojacking. The campaign has been active since December 2020 and has employed automated targeting of IAM credentials within four minutes of exposure. The attacker has also been linked to …

Forget the outside hacker, the bigger threat is inside by the coffee machine

October 26, 2023 at 04:25PM
This week’s Kettle discusses the issue of insider threats and highlights recent cases involving rogue employees attempting to sell stolen documents and secrets. It also brings attention to the use of security snoops by US Immigration and Customs Enforcement to monitor social media content. The Kettle is hosted by Iain …

Ex-NSA techie pleads guilty to selling state secrets to Russia

October 24, 2023 at 12:52PM
A former NSA tech has pleaded guilty to violating the Espionage Act by providing classified information to individuals he believed were Russian spies. Jareh Sebastian Dalke faces a maximum sentence of life in prison, but the government has agreed to seek a sentence of no more than 22 years if …