SecurityWeek
400,000 Linux Servers Hit by Ebury Botnet
The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.
The Record
Sonne Finance developers offer bounty to hacker behind $20 million crypto theft
Sonne Finance, which allows people to lend and borrow funds without the need for intermediaries, said it would commit to not pursuing the heist any further if the perpetrator accepted an undisclosed bounty and returned the stolen cryptocurrency.
Infosecurity News
Ebury Botnet Operators Diversify with Financial and Crypto Theft
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and financial gain
Bleeping Computer
Ebury botnet malware infected 400,000 Linux servers since 2009
A malware botnet known as 'Ebury' has infected almost 400,000 Linux servers since 2009, with roughly 100,000 still compromised as of late 2023.
Ars Technica
The hunt for rare bitcoin is nearing an end...
Rare bitcoin fragments are worth many times their face value....
.webp)
Cyber Security News
400k Linux Servers Hacked to Mine Cryptocurrency
The botnet, operated by the threat group behind the Ebury malware, has been active since at least 2009 but has evolved over the past decade.
Bleeping Computer
Botnet sent millions of emails in LockBit Black ransomware campaign
Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign.
Infosecurity News
Black Basta Ransomware Victim Count Tops 500
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
Security Affairs
As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide
Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported.
SecurityWeek
Shields Up: How to Minimize Ransomware Exposure
Organizations must look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response.
Infosecurity News
Six Austrians Arrested in Multi-Million Euro Crypto Scheme
Europol and Eurojust targeted the orchestrators of a cryptocurrency scam launched in December 2017
Infosecurity News
BTC-e $9bn Crypto-Money Launderer Pleads Guilty
Russian national Alexander Vinnik has pleaded guilty to his role in a multibillion-dollar money laundering conspiracy
The Hacker News
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering
Russian operator of BTC-e crypto exchange pleads guilty to money laundering charges spanning 2011-2017.
Security Affairs
Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering
Alexander Vinnik, a Russian operator of virtual currency exchange BTC-e pleaded guilty to participating in a money laundering scheme.
SecurityWeek
Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison
Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison for his alleged role in the REvil ransomware operation.
Security Affairs
Ukrainian REvil gang member sentenced to 13 years in prison
A Ukrainian national, a member of the REvil group, has been sentenced to more than 13 years in prison for his role in extortion activities.
Bleeping Computer
REvil hacker behind Kaseya ransomware attack gets 13 years in prison
Yaroslav Vasinskyi, a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation.
The Hacker News
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million
A Ukrainian hacker part of the notorious REvil gang has been sentenced to over 13 years for orchestrating 2,500+ attacks demanding $700M in crypto ran
CyberSecurity Dive
Congress grills UnitedHealth CEO over Change cyberattack
Legislators slammed Andrew Witty over the company’s lack of cybersecurity practices and the impact of the breach, which may have compromised the data of a third of Americans.
CSO
UnitedHealth hack may impact a third of US citizens: CEO testimony
Despite paying a $22 million ransom in Bitcoin to regain access to encrypted files, the company cannot...
SecurityWeek
Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says
The Change Healthcare cyberattack started when hackers entered a server that lacked a basic form of security: multi-factor authentication.
The Record
Ukrainian sentenced to almost 14 years for infecting thousands with REvil ransomware
Yaroslav Vasinskyi also was ordered to pay more than $16 million in restitution for his role in the REvil operation.
The Hacker News
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds...
How does blockchain pseudonymity enable financial crime detection? By combining it with knowledge of licit and illicit crypto services, machine learni
Security Affairs
Finnish Hacker sentenced to more than six years in prison
Finnish hacker was sentenced to more than six years in prison for hacking into an online psychotherapy clinic and attempted extortion.
Cyber Security News
Gemini 1.5 Pro - Powered With Automated Malware Analysis To Detect Zero-Day
Google has introduced Gemini 1.5 Pro for malware analysis, an advanced AI tool capable of processing up to 1 million tokens.
The Record
Hacker who blackmailed psychotherapy patients sentenced to six years in prison
Aleksanteri Kivimäki, formerly known by the first name Julius and the hacker handle Zeekill, was convicted on all charges relating to the hack of Helsinki-based Vastaamo.
The Record
Standard Chartered CEO on why cybersecurity has become a 'disproportionately huge topic' at board meetings
The CEO of one of the largest banks in the world discusses cryptocurrency and artificial intelligence, as well as how he's been able to influence cybersecurity culture.
Security Affairs
Cryptocurrencies and cybercrime: A critical intermingling
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector
Infosecurity News
US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet
The two founders of Samourai Wallet have been charged with money laundering and unlicensed money-transmitting offenses
.webp)
Cyber Security News
Founders of Cryptocurrency Mixing Service Arrested for Money Laundering Offenses
Rodriguez and Hill, founders of the cryptocurrency service Samourai, arrested for operating an unlicensed money-transmitting business.
Cyber Security News
Hackers Employ Black Hat SEO Techniques To Deliver Malware
Black hat SEO methods are used by hackers to manipulate search engine rankings and make malicious or fraudulent websites more visible.
The Hacker News
DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions
The U.S. DOJ has made a significant move by arresting the founders of Samourai, a crypto mixer, for laundering over $100M
DarkReading
Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs
An exploit for the vulnerability allows attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.
The Record
Feds accuse founders of cryptocurrency mixer of ‘large-scale money laundering’
Samourai Wallet's domain and servers were also seized, and a seizure warrant for its mobile application was served on the Google Play Store.
Bleeping Computer
Malware dev lures child exploiters into honeytrap to extort them
You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters doesn't make you feel bad for the victims.
SecurityWeek
Akira Ransomware Made Over $42 Million in One Year: Agencies
Akira ransomware has hit over 250 organizations worldwide and received over $42 million in ransom payments.
Infosecurity News
Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted
A joint advisory from Europol and US and Dutch government agencies estimated that Akira made around $42m in ransomware proceeds from March 2023 to January 2024
CSO
Consolidation blamed for Change Healthcare ransomware attack
United HealthGroup said it has already taken $872 million in dealing with the attack and the disruption it caused.
The Record
Akira ransomware gang made $42 million from 250 attacks since March 2023: FBI
The group’s large number of attacks shortly after emerging has led experts to believe it is made up of experienced ransomware actors.
Trend Micro
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider
On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.
The Record
'Crude' ransomware tools proliferating on the dark web for cheap, researchers find
Analysts at Sophos X-Ops are comparing the low-budget cybercrime tools to “junk guns” — cheap, imported weapons that flooded the U.S. in the 1960s and 1970s.
Cyber Security News
Developer Of Hive RAT Arrested By Authorities for Stealing Login Credentials
A San Fernando Valley man has been taken into custody by federal authorities on criminal charges related to a purported scheme to sell and
Security Affairs
US and Australian police arrested Firebird RAT author and operator
A joint investigation conducted by U.S. and Australian authorities led to the arrest of two key figures behind the Firebird RAT operation.
Bleeping Computer
Firebird RAT creator and seller arrested in the U.S. and Australia
A joint police operation between the Australian Federal Police (AFP) and the FBI has led to the arrest and charging of two individuals who are believed to be behind the development and distribution of the "Firebird" remote access trojan (RAT), later rebranded as "Hive."
The Record
Another insider in OneCoin cryptocurrency scam gets prison sentence
Bulgarian national Irina Dilkinska assisted in day-to-day operations of OneCoin, a multi-level marketing (MLM) network that duped victims out of at least $4 billion, according to the U.S. government.
SecurityWeek
Boat Dealer MarineMax Confirms Data Breach
MarineMax confirms suffering a data breach as a result of a ransomware attack, with the attackers claiming to have obtained 180,000 files.
DarkReading
CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023's zero-day field day.
Ars Technica
Ubuntu will manually review Snap Store after crypto wallet scams
Former Canonical employee calls out the "Safe" label applied to Snap apps.
DarkReading
'Tycoon' Malware Kit Bypasses Microsoft, Google MFA
Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.
The Record
Detained execs, a bold escape, and tax evasion charges: Nigeria takes aim at Binance
A standoff between the world's biggest cryptocurrency platform and the Nigerian government has disrupted lives and raised new questions for foreign operations there.
Infosecurity News
New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns
Discovered by Sekoia in 2023, the kit is associated with Adversary-in-The-Middle (AiTM) attacks
Bleeping Computer
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts
Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection.
SecurityWeek
Ransomware Group Takes Credit for Attack on Boat Dealer MarineMax
...group has taken credit for the cyberattack on MarineMax and is offering to sell stolen data for 15 bitcoin...
The Record
UN probing 58 alleged crypto heists by North Korea worth $3 billion
U.N. experts reported on the activity of North Korean cyberthreat actors, including those known to researchers as Kimsuky, the Lazarus Group, Andariel and BlueNoroff.
SecurityWeek
Lost Crypto Wallet? New Firm Promises Ethical, Transparent and Inexpensive Recovery
Praefortis is a new company pushing ethical and transparent recovery of lost or forgotten crypto wallet passwords.
Bleeping Computer
FTC warns scammers are impersonating its employees to steal money
The U.S. Federal Trade Commission (FTC) warned today that scammers are impersonating its employees to steal thousands of dollars from Americans.
The Hacker News
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
Moldovan national gets 3+ years in US prison for running E-Root Marketplace, a massive platform selling stolen login details.
Infosecurity News
Moldovan Behind E-Root Marketplace Gets US Federal Prison Term
Sandu Boris Diaconu was involved in conspiracy to commit access device and computer fraud
SecurityWeek
Moldovan Operator of Credential Marketplace Sentenced to US Prison
Sandu Diaconu has been sentenced to 42 months in prison for operating a marketplace for compromised credentials.
The Record
Nigerian court orders Binance to release user data, as company execs continue to be held without charge
A federal high court in Abuja has ordered the world’s largest cryptocurrency exchange Binance to provide Nigeria’s Economic and Financial Crimes Commision (EFCC) with information on all the Nigerians who are using its trading platform.
The Record
New Zealand media company: Hackers directly targeting individuals after alleged data breach
MediaWorks says it is investigating after a hacker claimed to have stolen the data of just over 2.4 million people and began targeting individuals for extortion payments.
Security Affairs
Moldovan citizen sentenced in connection with the E-Root marketplace case
US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace.
Bleeping Computer
Admin of major stolen account marketplace gets 42 months in prison
Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide.
Bleeping Computer
Former telecom manager admits to doing SIM swaps for $1,000
A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts.
The Record
Moldovan national sentenced in E-Root cybercrime marketplace case
Sandu Boris Diaconu, 31, was an administrator for the E-Root Marketplace, which authorities took down in 2020.
Ars Technica
Member of LockBit ransomware group sentenced to 4 years in prison
33-year-old Canadian-Russian national pleaded guilty last month.
The Hacker News
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
Mikhail Vasiliev, a 34-year-old Russian-Canadian, sentenced to nearly 4 years in jail for his role in the LockBit ransomware operation.
SecurityWeek
Healthcare's Ransomware Epidemic: Why Cyberattacks Hit the Medical Sector With Alarming Frequency
Cybersecurity firm Claroty discusses the reasons the healthcare industry has long been a primary target for ransomware attacks.
Bleeping Computer
Bitcoin Fog mixer operator convicted for laundering $400 million...
Russian-Swedish national Roman Sterlingov was convicted by a federal jury in Washington, D.C., for operating Bitcoin...
The Record
Russian-Swedish national behind $400 million crypto mixer convicted of money laundering
U.S. federal court for operating a notorious cryptocurrency mixer that moved about $400 million in bitcoin...
The Hacker News
New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics
Hackers are getting creative with CHAVECLOAK. This malware can block screens, log keystrokes, and even show fake pop-up windows to steal banking login
Ars Technica
After collecting $22 million, AlphV ransomware group stages FBI takedown
Affiliate claims payment came from AlphV victim, and AlphV took the money and ran.
Bleeping Computer
BlackCat ransomware turns off servers amid claim they stole $22 million ransom
The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.
The Record
Industry in need of ‘immediate relief’ following cyberattack on Change Healthcare, hospital group says
The American Hospital Association is accusing the parent company of Change Healthcare — which for two weeks has dealt with a cybersecurity incident that has caused disruptions at pharmacies nationwide — of failing to adequately address the issues healthcare providers face getting reimbursed for services as a result of the attack.
Bleeping Computer
The Week in Ransomware - March 1st 2024 - Healthcare under siege
Ransomware attacks on healthcare over the last few months have been relentless, with numerous ransomware operations targeting hospitals and medical services, causing disruption to patient care and access to prescription drugs in the USA.
Ars Technica
Hugging Face, the GitHub of AI, hosted code that backdoored user devices
Malicious submissions have been a fact of life for code repositories. AI is no different.
Security Affairs
LockBit is back and threatens to target more government organizations - Security Affairs
The LockBit gang is back and set up a new infrastructure after the recent attempt by law enforcement to disrupt their operation.
Security Affairs
Security Affairs newsletter Round 460 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Bleeping Computer
LockBit ransomware gang has over $110 million in unspent bitcoin...
The LockBit ransomware gang received more than $125 million in ransom payments over the past 18 months, according to the analysis of hundreds of cryptocurrency wallets associated with the operation.
Infosecurity News
Operation Cronos: Who Are the LockBit Admins
Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp
DarkReading
Zero-Click Apple Shortcuts Vulnerability Allows Silent Data Theft
Vulnerability CVE-2024-23204, affecting Apple's popular Shortcuts app, suggests a critical need for ongoing security awareness in the macOS and iOS ecosystem.
Cyber Security News
How to Analyse Crypto Malware in ANY.RUN Sandbox ?
ANY.RUN, an interactive malware sandbox, has published a comprehensive analysis of the growing threat that crypto-malware poses.
SecurityWeek
Cyber Insights 2024: Ransomware
The ransomware threat will continue to grow and expand. It is the quintessential business plan for cybercriminals.
Infosecurity News
Exclusive: eSentire Confirms Rhysida Ransomware Victims
Since emerging in May 2023, the group claims to have victimized 77 companies and public institutions
The Hacker News
New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
North Korean Hackers Target Defense Sector! Learn how state-sponsored actors employ sophisticated techniques via LinkedIn job scams.
Bleeping Computer
North Korean hackers now launder stolen crypto via YoMix tumbler
...carried out numerous large-scale cryptocurrency heists over the years, has switched to using YoMix bitcoin...
Infosecurity News
Crypto-Money Laundering Records 30% Annual Decline
Chainalysis data reveals a near-30% fall in the value of digital currency being laundered in 2023
DarkReading
Glupteba Botnet Adds UEFI Bootkit to Cyberattack Toolbox
A malware with every malicious feature in the book is adding new pages, with a fresh ability to invade the lowest levels of a Windows machine.
The Hacker News
Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
Glupteba botnet has been found to include an undocumented UEFI bootkit feature, enhancing its stealth and persistence capabilities significantly.
SecurityWeek
Ransomware Attack Knocks 100 Romanian Hospitals Offline
Romanian hospitals turn to pen and paper after ransomware attack on centralized healthcare management system.
The Record
Hospitals offline across Romania following ransomware attack on IT platform
Four more Romanian hospitals were confirmed on Tuesday to have been affected by a ransomware attack against an IT platform, bringing the total to 25 facilities whose data has been encrypted. Another 75 hospitals in the country using the platform have been disconnected from the internet as investigators determine if they too are impacted.
Security Affairs
A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e
Belarusian/Cypriot national linked with cryptocurrency exchange BTC-e is facing charges that can lead maximum penalty of 25 years in prison
The Hacker News
Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering
Former operator of defunct crypto exchange BTC-e faces 25 years in prison for alleged $4 billion money laundering scheme.
Security Affairs
Security Affairs newsletter Round 457 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
SecurityWeek
FTC Orders Blackbaud to Address Poor Security Practices
FTC and fundraising software company Blackbaud reach settlement over poor security practices that led to a major data breach.
CyberSecurity Dive
Blackbaud settles FTC data security probe into 2020 ransomware attack
The company is required to delete unnecessary data and inform the agency of future breaches.
Bleeping Computer
FTC orders Blackbaud to boost security after massive data breach
Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people.
SecurityWeek
Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping
Daniel James Junk sentenced to six years in prison for stealing millions in cryptocurrency through SIM swapping.
Security Affairs
Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k...
German police seized 50,000 Bitcoin from the former operator of the now-defunct piracy website movie2k.to...
The Record
US announces another arrest in BTC-e cybercrime case
A Belarusian and Cypriot national allegedly connected with the defunct cryptocurrency exchange BTC-e is in U.S. custody and faces charges related to money laundering, federal prosecutors said Thursday.