Cybercrime

September 23, 2020

Malicious spam (malspam) pushing Emotet malware is the most common email-based threat, far surpassing other malware families, with only a few other threats coming close. In recent weeks, we have seen significantly more Emotet malspam using a technique called “thread hijacking” that utilizes legitimate messages stolen from infected computers’ email clients. This malspam spoofs a legitimate ...

September 23, 2020

Security firm Group-IB says it identified a new cybercrime group that, for the past six months, has repeatedly and intentionally targeted Russian businesses with malware and ransomware attacks. Named OldGremlin, Group-IB says the hackers are behind targeted attacks with a new strain ransomware called TinyCryptor (aka decr1pt). “They have been trying to target only Russian companies so ...

September 23, 2020

QNAP NAS devices are being targeted in attacks by the AgeLocker ransomware, which encrypts the device’s data, and in some cases, steal files from the victim. AgeLocker is ransomware that utilizes an encryption algorithm called Age (Actually Good Encryption) designed to replace GPG for encrypting files, backups, and streams. Read more… Source: Bleeping Computer  

September 22, 2020

The US government’s cyber-security agency has issued a security advisory today warning federal agencies and the private sector about “a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020.” The Cybersecurity and Infrastructure Security Agency (CISA) said that its in-house security platform (the EINSTEIN Intrusion Detection System) has detected persistent ...

September 21, 2020

A UK national pleaded guilty today to extorting tens of companies across the world as a member of an infamous hacking group known as The Dark Overlord (TDO). Nathan Francis Wyatt, 39, was sentenced to five years in prison and ordered to pay $1,467,048 in restitution to victims. According to court documents, Wyatt was part of the ...

September 21, 2020

Last year I got a parking ticket for lingering too long in a limited zone. Parking tickets are not sufficient reason to declare war on a city’s thinly veiled vehicular taxation scheme for the absentminded. And yet I wanted to. So instead of dutifully filling out the online payment form, I started searching for ways to ...

September 18, 2020

A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk in RFC791 — a standard that describes the Internet Protocol (IP). Among the various technical details, RFC791 is also the standard that describes ...

September 17, 2020

A woman seeking emergency treatment for a life-threatening condition died after a ransomware attack crippled a nearby hospital in Duesseldorf, Germany, and forced her to obtain services from a more distant facility, it was widely reported on Thursday. German authorities are investigating the unknown perpetrators on suspicion of negligent manslaughter, the Associated Press, German news outlet ...

September 17, 2020

Five alleged members of the APT41 threat group have been indicted by a federal grand jury, in two separate actions that were unsealed this week. Meanwhile, the Department of Treasury also imposed sanctions on individuals and organizations associated with Iran-linked APT39. APT41 (a.k.a. Barium, Winnti, Wicked Panda or Wicked Spider) is known for nation-state-backed cyber-espionage activity as ...

September 17, 2020

The Maze ransomware operators have adopted a tactic previously used by the Ragnar Locker gang; to encrypt a computer from within a virtual machine. In May, we previously reported that Ragnar Locker was seen encrypting files through VirtualBox Windows XP virtual machines to bypass security software on the host. The virtual machine would mount a host’s drives ...