Cybercrime

February 21, 2025

Security researcher Jeremiah Fowler discovered the DM Clinical Research database containing 1,674,218 records, totaling 2TB, including names, medical information, phone numbers, email addresses, medications, and health conditions – along with other data. Although the name of the dataset indicates the details belong to DM Clinical Research, it’s not clear if this was owned and managed by ...

February 21, 2025

Angry Likho (referred to as Sticky Werewolf by some vendors) is an APT group we’ve been monitoring since 2023. It bears a strong resemblance to Awaken Likho, which we’ve analyzed before, so we classified it within the Likho malicious activity cluster. However, Angry Likho’s attacks tend to be targeted, with a more compact infrastructure, a limited ...

February 21, 2025

Blockchain analytics firm Arkham Intelligence said North Korea’s Lazarus Group was behind Bybit’s $1.46 billion hack. In an earlier post on social media platform X, Arkham offered a bounty of 50,000 ARKM tokens for anyone who could identify the attackers for Friday’s hack. Later, the platform said onchain sleuth ZachXBT submitted “definitive proof” that the attackers ...

February 20, 2025

An infostealer known as ACRStealer is using legitimate platforms like Google Docs and Steam as part of an attack, according to researchers. ACRStealer is often distributed via the tried and tested method of download as cracks and keygens, which are used in software piracy. The infostealer has been around since mid-2024 (as a beta test), but ...

February 19, 2025

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)— (“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Beginning early 2021, Ghost actors began attacking victims whose internet facing ...

February 19, 2025

The latest, major threats to Mac computers can steal passwords and credit card details with delicate precision, targeting victims across the internet based on their device, location, and operating system. These are the dangers of “infostealers,” which have long plagued Windows devices but, in the past two years, have become a serious threat for Mac owners. ...

February 19, 2025

British financial technology firm Finastra has notified customers impacted by a data breach that occurred over three months ago. Between October 31 and November 8, 2024, an unauthorized third party accessed the company’s secure file transfer platform (SFTP), used to share files with customers. Although the breach was detected on November 7, and the company acknowledged ...

February 19, 2025

In 2024, cybercriminals targeted travel enthusiasts using fake hotel and airline booking websites. In one simple scheme, a fraudulent site asked users to enter their login credentials to complete their booking — these credentials ended up in criminal hands. Sometimes, the fake login form appeared under multiple brand names at once (for example, both Booking ...

February 18, 2025

On December 31, cybercriminals launched a mass infection campaign, aiming to exploit reduced vigilance and increased torrent traffic during the holiday season. Kaspersky telemetry detected the attack, which lasted for a month and affected individuals and businesses by distributing the XMRig cryptominer. This previously unidentified actor is targeting users worldwide—including in Russia, Brazil, Germany, Belarus and ...

February 18, 2025

A 39-year-old man has been jailed for sending malicious communications to a government minister, the mayor of London and a senior Met Police officer. Jack Bennett, of Newlands Park, Seaton, Devon, pleaded guilty to four counts of sending malicious emails; one to Safeguarding Minister Jess Phillips, one to Metropolitan police officer Matt Twist, and two counts ...