dcsimg
May 10, 2019

Vital infrastructure: Threats target financial institutions, fintech, and cryptocurrencies

With news of a malware attack on accounting firm Wolters Kluwer causing a “quiet panic” in the accounting world this week, our assertion that financial institutions—from banks to brokers—are part of the vital infrastructure of society has been solidified. According to its website, Wolters Kluwer provides software and services to all of the top 100 accounting firms in the United … [Read more...]

Filed Under: APTs, banking apps, banking Trojans, banks, bitcoin, Business, cryptocurrencies, cryptocurrency, cryptowallets, emotet, exploit kits, financial institutions, financials, fintech, information stealers, infrastructure, Malware, Security world, vital
April 29, 2019

Wall Street Market reported to have exit scammed

Around April 20, many users reported that Wall Street Market, a broadly known dark net market, had executed an exit scam, and that any pending orders were unlikely to be completed. Scamming with enterprises involving Bitcoin is not unheard of, and dark net markets with centralized escrow are particularly vulnerable. As these markets grow in popularity and amass large amounts of transactions, … [Read more...]

Filed Under: bitcoin, cybercrime, darknet, exit scam, scam, Social engineering
April 16, 2019

Electrum Bitcoin wallets under siege

By Adam Thomas, with additional contributions from Jérôme Segura, Vasilios Hioueras and S!Ri Since at least late December 2018, many users of the popular Electrum Bitcoin wallet have fallen victim to a series of phishing attacks, which we estimate netted crooks well over 771 Bitcoins—an amount equivalent to approximately $4 million USD at current exchange rates. Threat actors were able to … [Read more...]

Filed Under: bitcoin, bitcoins, botnet, cybercrime, ddos, Electrum, exploit kit, Exploits, RIG, RIG EK, Social engineering, vulnerabilities, wallet
February 11, 2019

A week in security (February 4 – 8)

Last week on Malwarebytes Labs, we took a closer look at the technical and reputational challenges for Facebook as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google’s latest attempts to change how the public sees—literally—web browser URLs, gave some of our best tips on how to safely browse the Internet at work, and detailed a unique spam campaign … [Read more...]

Filed Under: amazon, Apple, AT&T, Australia, bitcoin, bounty hunters, cryptocurrency, cryptography, cybersecurity, Do Not Track, eBooks, facebook, Google, Instagram, internet, Jeff Bezos, John wick, kindle, messenger, safari, secure messaging, Security world, Sprint, T-Mobile, URLs, Week in security, whatsapp, Zcash, zero day
January 11, 2019

Luas data ransom: the hacker who cried wolf?

In a terrible start to the year for Irish tram firm Luas, their site was compromised a week ago and adorned with a stark ransom warning: Click to enlarge You are hacked. Some time ago I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the reply button. You must pay one bitcoin in five days. Otherwise I will publish all data and send emails to … [Read more...]

Filed Under: bitcoin, cybercrime, data breach, hacked, Hacking, haveibeenpwned, luas, ransom, ransomware
December 20, 2018

Christmas tech scams roundup

There’s a fair few Christmas tech scams floating around out there as 2018 winds up, and we thought it’d be a good time to warn you about them. It’s the usual mish-mash of phone antics, social media shenanigans, and click bait. Shall we begin? This scam looks divine BOOM reports on a collection of anti-aging cream websites targeting regions such as the Philippines, Malaysia, Mexico, and Colombia. … [Read more...]

Filed Under: adverts, bitcoin, cybercrime, email, facebook, hitman, phish, privacy, scam, tech scams, tech support scammers, tech support scams
October 25, 2018

Sextortion emails: They’re probably not watching you

Back in July, Krebs on Security reported on a rather novel scam, where the threat actor would use credentials from old data dumps to suggest that they had directly hacked the victim and obtained the victim’s presumably sensitive browser history. Stolen credentials aside, sex-based extortion scams are actually fairly old and not all that sophisticated. A user on the Malwarebytes Forums … [Read more...]

Filed Under: 101, bitcoin, btc, emails, FYI, KrebsOnSecurity, Malwarebytes Forums, phishing, scam, scammers, scams, sextortion, Social engineering
October 2, 2018

Fortnite gamers targeted by data theft malware

The new season of the incredibly popular video game Fortnite is upon us, and so too are the scams. It’s no surprise that con artists would jump on this bandwagon, eager to peddle their fakeouts. Only this time, scammers had something a little more dangerous in mind than your typical low-level surveys and downloads that never actually materialize. Among all the gluttony of scams there hid a … [Read more...]

Filed Under: .EXE, bitcoin, bt-fortnite-cheats(dot)tk, cybercrime, fortnite, fortnite malware, free V-Bucks, games, Gaming, Malware, rat, stealer, steam, Sub2Unlock, Trojan.Malpack, video games, wallet
September 20, 2018

Mass WordPress compromises redirect to tech support scams

Content Management Systems (CMSes) such as WordPress, Drupal, or Joomla are under a constant barrage of fire. Earlier this year, we detailed several waves of attacks against Drupal, also known as Drupalgeddon, pushing browser-based miners and various social engineering threats. During the past few days, our crawlers have been catching a larger-than-usual number of WordPress sites being hijacked. … [Read more...]

Filed Under: bitcoin, Bitcoin Code, browlock, Indicators of compromise, injections, JavaScript, Social engineering, tech support scams, Threat analysis, TSS, wordpress, Zues
February 8, 2018

New Deepfakes forum goes mining with Coinhive

You may or may be familiar with the furore over Deepfakes, a relatively new development in pornography involving a tool called FacesApp, which is capable of producing a real porn clip that replaces the original actors’ heads with those of celebrities—or indeed, anyone at all. Online fakes have been around since the early 2000s or possibly even earlier; alongside those old photos, fakers … [Read more...]

Filed Under: bitcoin, bitcoins, cryptocurrency, cryptomining, cybercrime, deepfakes, mining, privacy, scripts
Next Page »