December 5, 2024 at 08:29AM A new Android remote access trojan (RAT) named DroidBot targets 77 banks and exchanges, primarily in Europe, with plans to expand to Latin America. It features advanced capabilities like keylogging and overlay attacks, distributed via fake security apps. Offered as malware-as-a-service, affiliates can manage infected devices for various malicious actions. … Read more
December 1, 2024 at 03:28PM Interpol’s Operation HAECHI V, funded by South Korea, led to over 5,500 anti-cybercrime arrests and seized over $400 million in assets from scams targeting various crimes. The operation, involving 40 countries, highlighted ongoing threats like romance scams and stablecoin thefts. Additionally, UK businesses lost £44 billion to cyberattacks in five … Read more
September 17, 2024 at 03:46AM Cryptocurrency exchange Binance warns of a global threat targeting cryptocurrency users with clipper malware to facilitate financial fraud. The malware monitors clipboard activity to steal sensitive data and replace cryptocurrency addresses with the attacker’s. Binance advises caution and taking steps to prevent further fraudulent transactions. Blockchain analytics firm Chainalysis reports … Read more
September 16, 2024 at 09:27AM Cybersecurity researchers warn about North Korean threat actors targeting LinkedIn users with RustDoor malware, posing as cryptocurrency recruiters. The attackers aim at infiltrating financial and cryptocurrency networks through social engineering campaigns, prompting victims to download malicious coding challenges. The RustDoor backdoor persists in macOS and Windows machines, highlighting evolving tactics … Read more
September 6, 2024 at 11:29AM SpyAgent, a new Android malware, uses OCR technology to steal cryptocurrency recovery phrases from mobile screenshots, compromising wallet security. McAfee uncovered the malware in 280 non-Google Play APKs distributing via SMS or malicious social media. It targets South Korea and may expand to the UK, with a possible iOS variant … Read more
September 4, 2024 at 09:48AM The FBI warns that North Korean hackers are aggressively targeting the cryptocurrency industry using sophisticated social engineering techniques. They aim to deploy malware and steal virtual assets. The attackers conduct extensive research on potential victims and engage in prolonged conversations to establish trust before delivering malware. Organizations and individuals in … Read more
September 3, 2024 at 01:47PM The FBI warns of North Korean hackers targeting cryptocurrency companies and employees with sophisticated social engineering attacks to steal crypto assets through deploying malware. Based on the meeting notes, the key takeaway is that the FBI has issued a warning about North Korean hackers employing sophisticated social engineering tactics to … Read more
August 30, 2024 at 04:51PM Microsoft’s threat intelligence team identified a North Korean hacking team exploiting a Chrome vulnerability, marked as actively exploited. The flaw, CVE-2024-7971, was used for targeting the cryptocurrency sector for financial gain. The hacker group, known as ‘Citrine Sleet,’ has been linked to North Korea’s Reconnaissance General Bureau, and was observed … Read more
August 21, 2024 at 07:33AM Cybersecurity researchers recently discovered a new macOS malware, TodoSwift, with similarities to known malicious software linked to North Korean hacking groups. It exhibits behaviors seen in previous DPRK malware, such as RustBucket and KANDYKORN, and is associated with the Lazarus Group’s attempts to target cryptocurrency businesses. TodoSwift is distributed as … Read more
August 16, 2024 at 07:45AM Cybercriminals are promoting Banshee Stealer, a new macOS malware capable of stealing various data from compromised systems. Advertised for $3,000/month, it targets macOS passwords, hardware/software info, keychain passwords, browser data, and cryptocurrency wallets. While it evades detection by checking for analysis signs, its evasion methods are basic, leaving it susceptible … Read more