Security News

A new report by Malwarebytes, Digitunity and Cybercrime Support Network, which polled more than 5,000 people across the United States, United Kingdom, and Germany, details how people experience cybercrime worldwide, demonstrating cybercrime does not impact everyone equally. Overall analysis of data suggests disadvantaged groups facing barriers in society, such as those with lower incomes and lower education levels, feel less safe about their online experiences, are more likely to fall victim to an attack, and at times report experiencing a heavier emotional burden when responding to cyberattacks.

International law enforcement has busted up an extensive cybercrime operation run by a gang with ties to the Italian Mafia. The suspects used various lures to convince victims to wire money to bank accounts controlled by the criminal network, according to Europol.

As you can see, the cryptocurrency wallets in question were partially redacted - but as we know, these follow a recognizable pattern and can be uncovered in the public ledger. After determining the full wallet address, we can find this wallet on the blockchain and see what was transferred and when.

This is part one of a two-part series on how hackers stole $2 million in cryptocurrency. There is one strong commonality with all these incidents and attacks: The hackers want the funds in cryptocurrency.

A diverse range of cybercrime offerings caters to anyone with sufficient cryptocurrency: from access brokers who sell pilfered credentials for compromised accounts, to bullet proof hosting providers that can deliver reliable and anonymous infrastructure to conduct offensive criminal cyber operations. The discerning cybercrime operator in 2021 can build customized toolchains out of composable microservices and off-the-shelf solutions, tailoring attacks, and repurposing compromises for a variety of criminal endeavours.

Year-over-year, ransomware spiked more than tenfold in the first half of 2021, researchers report. According to Fortinet's latest semiannual FortiGuard Labs Global Threat Landscape Report, released on Monday, the telecommunications sector was the most heavily targeted, followed by government, managed security service providers, automotive, and manufacturing sectors.

A financially motivated cybercrime gang has breached and backdoored the network of a US financial organization with a new malware known dubbed Sardonic by Bitdefender researchers who first spotted it. Sardonic is a new C++-based backdoor the FIN8 threat actors deployed on targets' systems likely via social engineering or spear-phishing, two of the group's favorite attack methods.

A Nigerian threat actor has been observed attempting to recruit employees by offering them to pay $1 million in bitcoins to deploy Black Kingdom ransomware on companies' networks as part of an insider threat scheme. "The sender tells the employee that if they're able to deploy ransomware on a company computer or Windows server, then they would be paid $1 million in bitcoin, or 40% of the presumed $2.5 million ransom," Abnormal Security said in a report published Thursday.

A Nigerian threat actor has been observed attempting to recruit employees by offering them to pay $1 million in bitcoins to deploy Black Kingdom ransomware on companies' networks as part of an insider threat scheme. "The sender tells the employee that if they're able to deploy ransomware on a company computer or Windows server, then they would be paid $1 million in bitcoin, or 40% of the presumed $2.5 million ransom," Abnormal Security said in a report published Thursday.

ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has revealed. "As Pokémon players hunt and collect"shiny" characters in the game, ShinyHunters collects and resells user data.