Researchers discover next generation phishing kit

Researchers at Check Point and CyberInt have discovered a new generation of phishing kit that is readily available on the Dark Web. Created by a cyber-criminal known as ‘[A]pache’, the kit makes it simple for those with very little technical ability to carry out their own cyber-attack. By simply downloading this multi-functioning phishing kit and following […]

Low-Cost Crimeware Kit Gaining Popularity in Underground Markets

When it comes to malware and cybercriminals, sometimes “cheap” and “fast” clearly trumps “tested” and “sophisticated.” That’s the case with Rubella Macro Builder, a recently discovered crimeware kit that, despite being new and relatively unsophisticated, has been gaining popularity among cybercriminals – including members of the suspected Russian gang behind the Panda banking malware. Security […]

MyEtherWallet users robbed after successful DNS hijacking attack

Unknown attackers have managed to steal approximately $150,000 in Ethereum from a number of MyEtherWallet (MEW) users, after having successfully redirected them to a phishing site posing as MyEtherWallet.com. The redirection was seamless, and the only thing that gave some indication that the phishing site is not what it pretended to be was the warning […]

‘Webstresser’ DDoS Attack Site Shut Down in International Operation

The world’s largest online marketplace for selling and launching distributed denial-of-service (DDoS) attacks was shut down this week as part of Operation Power Off, an international investigation into the so-called Webstresser.org site. The effort was led by the UK National Crime Agency and Dutch National Police, with support from Europol and a dozen global law […]

Mysterious cyber worm targets medical systems, is found on X-ray machines and MRI scanners

A newly discovered cybercriminal group is installing custom malware onto the systems of organisations in healthcare and related sectors in order to conduct corporate espionage. These targeted attacks are carried out against a small number of selected organisations as well as the supply chains which serve them, with the tactics and use of custom malware suggesting […]

Threat Actors Turn to Blockchain Infrastructure to Host & Hide Malicious Activity

In a troubling trend for enterprises and law enforcement, threat actors are ramping up their use of blockchain domains to hide malicious activity and improve their ability to withstand takedown efforts. Security vendor FireEye says it has observed a recent uptick in interest in cryptocurrency infrastructure in the cyber underground over the last year. Many different software […]

Ransomware, stolen data or malware: How do online crooks really make their money?

The cybercriminal economy has hit global revenues of $1.5 trillion a year, according to a nine-month-long study which shows the vast scale of cybercrime and how profits are acquired, laundered, spent and reinvested. “The metaphor of ‘cybercrime as a business’ is no longer adequate to capture its complexities,” says the Into the Web of Profit report, commissioned […]

This malware will take screenshots, steal your passwords and files – and drain your cryptocurrency wallet

A new strain of malware allows hackers to take action screenshots and steal passwords, to download files and even steal the contents of cryptocurrency wallets. Named ‘SquirtDanger’ after a dynamic-link library (DLL) file consistently served by its distribution servers, the malware is written in C Sharp and has multiple layers of embedded code. The malware is set […]

Cyber fraudsters now stealing millions in single transactions

Business email compromise (BEC) attacks are continuing to rise in both frequency and severity, with victims now losing millions of dollars in single transactions, according to law enforcement agencies. A BEC attack, also known as a senior executive impersonation attack, is where an organisation’s staff are manipulated into sending money to criminals. Typically, the criminals […]

SamSam explained: Everything you need to know about this opportunistic group of threat actors

The first version of the SamSam (a.k.a. Samas or SamsamCrypt) ransomware was developed and released in late 2015 by a group of threat actors believed to reside in Eastern Europe. The group itself is mostly a mystery, but the code it developed and the resulting pain from its usage isn’t. SamSam is a serious threat […]