dcsimg
August 12, 2019

A week in security (August 5 – 11)

Last week on Malwarebytes Labs, we explained how brain-machine interface (BMI) technology could usher in a world of Internet of Thoughts, why having backdoors is problematic, and how we can improve the security of our smart homes. To cap off Hacker Summer Camp week, the Labs team released a special ransomware edition of its quarterly cybercrime tactics and techniques report, which you can … [Read more...]

Filed Under: a week in security, APT28, awis, backdoors, bitcoin, bmi, brain-machine interface, chrome incognito, CTNT report, dslr flaw, facebook, Fancy Bear, IBM X-Force Incident Response and Intelligence Services, IRIS, Mark Zuckerberg, messenger kids, phishing, protonmail, ransomware, robocall, robocall scam, sextortion, smart homes, steam, Strontium, weekly blog roundup
July 8, 2019

A week in security (July 1 – 7)

Last week on Malwarebytes Labs, we explained what to do when you find stalkerware, how cooperating apps and automatic permissions are setting you up for failure, and why you should steer clear of Bitcoin Cash generators. Other cybersecurity news: A former Chief Information Officer (CIO) of Equifax has been issued a prison sentence for insider trading on the firm’s disastrous data … [Read more...]

Filed Under: a week in security, bitcoin, bitcoin generators, cash generators, china, Equifax, germany, godlua, ironpython, OpenPGP, permissions, ryuk, smart home, stalkerware
July 3, 2019

Steer clear of Bitcoin Cash generators

Here’s an interesting evolution on a well-worn scam, taking one profit generating fakeout and turning it into something else entirely. For years, gamers have been stuck navigating the treacherous waters of fake video game giveaways. With so many actual genuine gaming giveaways around, you’re never quite sure if a site offering free Xbox points, or Steam credits, or downloadable content, is going … [Read more...]

Filed Under: bitcoin, bitcoin cash, crypto, cryptocurrency, cryptocurrency scams, gaming scams, generator, scams, video games
May 10, 2019

Vital infrastructure: Threats target financial institutions, fintech, and cryptocurrencies

With news of a malware attack on accounting firm Wolters Kluwer causing a “quiet panic” in the accounting world this week, our assertion that financial institutions—from banks to brokers—are part of the vital infrastructure of society has been solidified. According to its website, Wolters Kluwer provides software and services to all of the top 100 accounting firms in the United … [Read more...]

Filed Under: APTs, banking apps, banking Trojans, banks, bitcoin, Business, cryptocurrencies, cryptocurrency, cryptowallets, emotet, exploit kits, financial institutions, financials, fintech, information stealers, infrastructure, Malware, Security world, vital
April 29, 2019

Wall Street Market reported to have exit scammed

Around April 20, many users reported that Wall Street Market, a broadly known dark net market, had executed an exit scam, and that any pending orders were unlikely to be completed. Scamming with enterprises involving Bitcoin is not unheard of, and dark net markets with centralized escrow are particularly vulnerable. As these markets grow in popularity and amass large amounts of transactions, … [Read more...]

Filed Under: bitcoin, cybercrime, darknet, exit scam, scam, Social engineering
April 16, 2019

Electrum Bitcoin wallets under siege

By Adam Thomas, with additional contributions from Jérôme Segura, Vasilios Hioueras and S!Ri Since at least late December 2018, many users of the popular Electrum Bitcoin wallet have fallen victim to a series of phishing attacks, which we estimate netted crooks well over 771 Bitcoins—an amount equivalent to approximately $4 million USD at current exchange rates. Threat actors were able to … [Read more...]

Filed Under: bitcoin, bitcoins, botnet, cybercrime, ddos, Electrum, exploit kit, Exploits, RIG, RIG EK, Social engineering, vulnerabilities, wallet
February 11, 2019

A week in security (February 4 – 8)

Last week on Malwarebytes Labs, we took a closer look at the technical and reputational challenges for Facebook as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google’s latest attempts to change how the public sees—literally—web browser URLs, gave some of our best tips on how to safely browse the Internet at work, and detailed a unique spam campaign … [Read more...]

Filed Under: amazon, Apple, AT&T, Australia, bitcoin, bounty hunters, cryptocurrency, cryptography, cybersecurity, Do Not Track, eBooks, facebook, Google, Instagram, internet, Jeff Bezos, John wick, kindle, messenger, safari, secure messaging, Security world, Sprint, T-Mobile, URLs, Week in security, whatsapp, Zcash, zero day
January 11, 2019

Luas data ransom: the hacker who cried wolf?

In a terrible start to the year for Irish tram firm Luas, their site was compromised a week ago and adorned with a stark ransom warning: Click to enlarge You are hacked. Some time ago I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the reply button. You must pay one bitcoin in five days. Otherwise I will publish all data and send emails to … [Read more...]

Filed Under: bitcoin, cybercrime, data breach, hacked, Hacking, haveibeenpwned, luas, ransom, ransomware
December 20, 2018

Christmas tech scams roundup

There’s a fair few Christmas tech scams floating around out there as 2018 winds up, and we thought it’d be a good time to warn you about them. It’s the usual mish-mash of phone antics, social media shenanigans, and click bait. Shall we begin? This scam looks divine BOOM reports on a collection of anti-aging cream websites targeting regions such as the Philippines, Malaysia, Mexico, and Colombia. … [Read more...]

Filed Under: adverts, bitcoin, cybercrime, email, facebook, hitman, phish, privacy, scam, tech scams, tech support scammers, tech support scams
October 25, 2018

Sextortion emails: They’re probably not watching you

Back in July, Krebs on Security reported on a rather novel scam, where the threat actor would use credentials from old data dumps to suggest that they had directly hacked the victim and obtained the victim’s presumably sensitive browser history. Stolen credentials aside, sex-based extortion scams are actually fairly old and not all that sophisticated. A user on the Malwarebytes Forums … [Read more...]

Filed Under: 101, bitcoin, btc, emails, FYI, KrebsOnSecurity, Malwarebytes Forums, phishing, scam, scammers, scams, sextortion, Social engineering
Next Page »