Ransomware gangs team up to form extortion cartel

Ransomware gangs are teaming up to extort victims through a shared data leak platform, and the exchange of tactics and intelligence. In November 2019, the Maze Ransomware operators transformed ransomware attacks into data breaches after they released unencrypted data of a victim who refused Read More …

SilverTerrier: New COVID-19 Themed Business Email Compromise Schemes

Focusing on one of the most active subsets of the global threat landscape, Palo Alto Networks Unit 42 tracks Nigerian cyber criminals involved in Business Email Compromise (BEC) activities under the name SilverTerrier. Over the past 90 days (Jan. 30 – Read More …

Europol: Hacker Group Selling Databases With Millions Of User Credentials Busted In Poland And Switzerland

Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, dismantled InfinityBlack, a hacking group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud. On 29 April 2020, the Polish National Police (Policja) Read More …

Spear-phishing campaign compromises executives at 150+ companies

A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today. The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more Read More …

A look at the ATM/PoS malware landscape from 2017-2019

From remote administration and jackpotting, to malware sold on the Darknet, attacks against ATMs have a long and storied history.  And, much like other areas of cybercrime, attackers only refine and grow their skillset for infecting ATM systems from year-to-year. So what Read More …

Studying How Cybercriminals Prey on the COVID-19 Pandemic

With the spread of the coronavirus worldwide, interest is high in related topics. Accordingly, Unit 42 researchers found an immense increase in coronavirus-related Google searches and URLs viewed since the beginning of February. Cybercriminals are looking to profit from such Read More …

German government might have lost tens of millions of euros in COVID-19 phishing attack

The government of North Rhine-Westphalia, a province in western Germany, is believed to have lost tens of millions of euros after it failed to build a secure website for distributing coronavirus emergency aid funding. The funds were lost following a Read More …

Financial Cyberthreats in 2019

Financial cyberthreats are malicious programs that target users of services such as online banking, e-money, and cryptocurrency, or that attempt to gain access to financial organizations and their infrastructure. These threats are usually accompanied by spam and phishing activities, with Read More …