Cybercrime


NEWS 
  • New KillDisk Variant Hits Financial Organizations in Latin America

    January 15, 2018

    We came across a new variant of the disk-wiping KillDisk targeting financial organizations in Latin America. Trend Micro detects it as TROJ_KILLDISK.IUB. Trend Micro™ Deep Discovery™ proactively blocks any intrusions or attacks associated with this threat. Initial analysis (which is still ongoing) reveals that it may be a component of another payload, or part of a bigger ...

  • Bad Rabbit Ransomware Spreads via Network, Hits Ukraine and Russia

    December 24, 2017

    An ongoing ransomware campaign is hitting Eastern European countries with what seems to be a variant of the Petya ransomware dubbed Bad Rabbit (which we detect as RANSOM_BADRABBIT.A). Trend Micro XGen™ security products with machine learning enabled can proactively detect this ransomware as TROJ.Win32.TRX.XXPE002FF019 without the need for a pattern update. The attack comes a few months after the previous ...

  • MoneyTaker Cybercriminal Group Steals $10 Million from Financial Institutions

    December 12, 2017

    Security researchers shed light on the Russian-speaking cybercriminal group MoneyTaker, which was reported to have perpetrated cyberattacks against financial organizations in the U.S. and Russia. The group reportedly stole as much as $10 million from at least 20 card payment and inter-bank transfer systems. What is MoneyTaker? MoneyTaker is a cybercriminal group named after the custom malware they use ...

  • Collection of 1.4 Billion Plain-Text Leaked Passwords Found Circulating Online

    December 11, 2017

    Hackers always first go for the weakest link to quickly gain access to your online accounts. Online users habit of reusing the same password across multiple services gives hackers opportunity to use the credentials gathered from a data breach to break into their other online accounts. Researchers from security firm 4iQ have now discovered a new collective database on ...

  • ‘Significant amount’ of sensitive security data stolen in Perth Airport hacking

    December 10, 2017

    A skilled hacker in Vietnam stole sensitive security details and building plans from Perth Airport after breaking into its computer systems. The West Australian can reveal Vietnamese man Le Duc Hoang Hai used the credentials of a third-party contractor to get access to the airport’s computer systems in March last year. Prime Minister Malcolm Turnbull’s cybersecurity adviser Alastair ...

  • Pre-Installed Keylogger Found On Over 460 HP Laptop Models

    December 8, 2017

    HP has an awful history of ‘accidentally’ leaving keyloggers onto its customers’ laptops. At least two times this year, HP laptops were caught with pre-installed keylogger or spyware applications. I was following a tweet made by a security researcher claiming to have found a built-in keylogger in several HP laptops, and now he went public with his findings. A security researcher who goes ...

  • Banking Apps Found Vulnerable to MITM Attacks

    December 7, 2017

    Leading US and UK-based banks have patched a flaw found in their Android and iOS mobile apps that allowed adversaries to conduct man-in-the-middle attacks to steal customer credentials and view and manipulate network traffic. According to researchers at the School of Computer Science at the University of Birmingham that found the flaw, the vulnerability impacted nine apps belonging ...

  • International team takes down virus-spewing Andromeda botnet

    December 5, 2017

    Police and private companies have taken down a massive botnet used to move malware onto compromised PCs. The Andromeda botnet, also known as Gamarue, is thought to have spanned over two million PCs and distributed over 80 types of malware onto infected PCs. It was shut down on November 29 in a combined operation by Europol, ...

  • Ursnif Trojan Adopts New Code Injection Technique

    December 4, 2017

    Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that Ursnif (or Gozi) samples have been tested in wild by a new malware developer. The samples are a noteworthy upgrade from previous versions. “This finding is ...

  • PayPal Subsidiary Data Breach Hits Up to 1.6 Million Customers

    December 3, 2017

    Global e-commerce business PayPal has disclosed a data breach that may have compromised personally identifiable information for roughly 1.6 million customers at a payment processing company PayPal acquired earlier this year. PayPal Holdings Inc. said Friday that a review of its recently acquired company TIO Networks showed evidence of unauthorized access to the company’s network, including some confidential ...

  • RAT Distributed Via Google Drive Targets East Asia

    November 30, 2017

    Researchers said that they are tracking a new remote access Trojan dubbed UBoatRAT that is targeting individuals or organizations linked to South Korea or the video game industry. While targets aren’t 100 percent clear, researchers at Palo Alto Networks Unit 42 said UBoatRAT threats are evolving and new variants are increasingly growing more sophisticated. They said ...

  • Hackers Now Have Incredibly Sophisticated Ways to Breach Banks’ Defenses

    November 29, 2017

    Global banks need to do more to protect themselves from cyberattacks after a “significant evolution” in the threat level in the last 18 months, according to the SWIFTglobal payments network. Hackers are deploying increasingly sophisticated ways of breaching banks’ cyber defenses to launch finely orchestrated attacks, SWIFT said in a report co-written with defense contractor BAE Systems. ...

  • Hackers are scanning computers worldwide for open Bitcoin and Ethereum wallets…

    November 27, 2017

    Security researcher Didier Stevens setup a trap, or in digital security terms – a “honeypot”.  Think of it as digital sting operation, where someone puts a server online open to attack – but nothing of value is really there, it’s only there to record the attacks as they happen. The logs of these honeypots revealed hackers ...

  • Physical Theft Meets Cybercrime: The Illicit Business of Selling Stolen Apple Devices

    November 15, 2017

    Online scams and physical crimes are known to intersect. In an incident last May, we uncovered a modus operandi and the tools they can use to break open iCloud accounts to unlock stolen iPhones. Further research into their crossover revealed how deep it runs. There’s actually a sizeable global market for stolen mobile phones—and by extension, ...

  • New IcedID Trojan Targets US Banks

    November 13, 2017

    Researchers are warning users about a wave of recent attacks targeting U.S. financial institutions that leverage a new banking Trojan dubbed IcedID. The IcedID Trojan was spotted in September by researchers at IBM’s X-Force Research team. They said the Trojan has several standout techniques and procedures, such as the ability to spread over a network and ...

  • Russian ‘Fancy Bear’ Hackers Using (Unpatched) Microsoft Office DDE Exploit

    November 8, 2017

    Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the targeted device ...

  • Fast-growing cyber crime threatens financial sector: Europol

    November 8, 2017

    The “remorseless” growth of cyber crime is leading to 4,000 ransom attacks a day and gangs’ technological capability now threatens critical parts of the financial sector, the head of Europol said on Wednesday. Online criminals have become so sophisticated that gangs have created “conglomerations” with company structures that specialize in different criminal activities to carry out ...

  • Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies

    November 8, 2017

    Nothing is free in this world. If you are searching for free hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a scam. For example, Cobian RAT and a Facebook hacking tool that we previously reported on The Hacker News actually could hack, but of the one who ...

  • The nasty future of ransomware: Four ways the nightmare is about to get even worse

    October 31, 2017

    2017 has been the year of ransomware. While the file-encrypting malware has existed in one form or another for almost three decades, over the last few months it’s developed from a cybersecurity concern to a public menace. The term even made it into the dictionary in September. In particular, 2017 had its own summer of ransomware: while incidents ...

  • Ramnit worm: Still turning up in unlikely places

    October 27, 2017

    The Ramnit worm (W32.Ramnit) was an aggressively propagated Windows-based worm that first appeared around 2010. Its creator used an extensive range of propagation techniques to ensure that it spread quickly and widely. Once it infects a computer, it copies itself to all attached and removable drives. Crucially, it also searches for and infects .exe, .dll, ...