Cyber-Crime News, Articles and Updates

Over half a billion domains infected by RoughTed malvertising campaign

While it peaked in March 2017, the scourge has been rolling out for more than a year with a dark cornucopia encompassing scams and exploit kits that go after a broad range of targets using their operating system, browser and geolocation to inject the appropriate payload, Segura wrote.

Ransom isn't random: How small businesses can fend off targeted attacks

Itay Glick discusses why it is more efficient for hackers to target small businesses and how organisations can protect themselves and avoid becoming a victim.

Researchers spot enhancements on Qakbot malware to infect new systems

Cylance researchers spotted enhancements on the Qakbot malware that let it infect new systems and lock out administrators.

Lazarus code used in WannaCry, but attack may not be state sponsored

Symantec bolstered the amount of evidence it has gathered that ties the code and tools used by the cyber-gang known as Lazarus to the WannaCry/WanaCrypt0r ransomware attacks.

Outlaw marketplace on Dark Web shuttered abruptly

Outlaw, a veteran marketplace on the Dark Web, was shuttered abruptly last week with no plausible explanation, according to Bleeping Computer.

ATMs rigged by Brazilian cyber-crooks to steal payment card chips

In an effort to work around the security measures built into EMV credit cards, a Brazilian criminal gang has created a skimmer-type device that steals the chip right out of the card when it is inserted into a compromised ATM.

Slammer worms its way to top of most wanted malware list

Enterprises are increasingly being hit with exploit kits, especially Rig EK, and the Slammer worm has resurfaced, according to Check Point's latest monthly Global Threat Impact Index.

ATM Black Box attack heists lead to arrest of 27 European cyber-crooks

Efforts of a number of EU Member States and Norway have culminated in arrests of 27 people connected to ATM "Black Box" attacks across Europe.

'MacronGate' reportedly linked to black hat troll

Qurium researchers claim to have traced to the black hat troll weevlos the falsified emails, allegedly stolen from then French President Emmanuel Macron, that claimed the then candidate had offshore accounts in the Bahamas during his 2017 campaign.

New mobile banking malware obfuscates its malicious code parts

Banking malware targeting mobile users requires little tech know-how to develop and operate, so it stands as an insistent battle for security professionals.

UK and US businesses overconfident in preparedness of data breaches

Despite most UK and US businesses reporting cyber-security breaches in the last year, large numbers of them overestimate their readiness to fight breaches.

Iranian 'OilRig' expands attacks, works with Russian hackers-for-hire

Attacks believed to be Iranian in origin were fended off for more than two weeks in April, but security experts examining the code detected snippets of code from an underground Russian marketplace.

Phishing campaign from 'Bank of France' targets French consumers

Cyber-criminals are attempting to steal credentials from French companies and consumers, yet the campaign is falsely attributed to the Bank of France.

WannaCry in the NHS: who takes responsibility?

In the wake of the WannaCry ransomware, which took out over 60 NHS trusts, SC ponders where the blame lies.

Cookie monster: malware steals cookies and hijacks WordPress sessions

Sucuri researchers recently observed a malware attack that injected obfuscated code into a JavaScript file in order to steal web users' cookies and hijack their WordPress sessions.

Cyber-attacks are becoming more 'made to order' for chosen victims

Whilst examining cyber-security attacks and methods from the first part of 2017, researchers at PandaLabs found cyber-attacks are more complex than ever before.

New IoT bot Persirai ensnaring IP cameras

Apparently emanating from Iran, Persirai has been detected by researchers at Trend Micro linking more than 1,000 internet protocol (IP) camera models into a vast Internet of Things (IoT) botnet.

Netrepser malware steals from undisclosed government agencies

A new targeted attack built with readily available software tools has been named Netrepser by researchers at Bitdefender who discovered the attacker.

Pickpockets and hackers, the latest cyber-crime marriage

A Trend Micro researcher may have stumbled across a new alliance in place between petty criminals and their more sophisticated cyber cousins that could prove mutually beneficial.

Trio of downloaders used in recent Blackmoon banking Trojan campaign

Two recent cyber-theft campaigns targeting South Koreans employed a three-stage downloader framework that installed the Blackmoon banking Trojan on geo-targeted machines, according to a report Thursday from Fidelis.

New 'Dok' dropper variant found delivering Mac malware

A Malwarebytes researcher on Monday discovered a new variant of the "Dokument.app" dropper that was recently found delivering OSX/Dok Mac malware capable of intercepting infected machines' HTTPS communications.

Hackers cyber-squat hundreds of UK bank domains to trick web users

DomainTools discovers more than 300 fake websites fooling customers into thinking they're clicking on top UK bank websites.

Election hack? "Could've been China," Trump says

"Could've been China, could've been a lot of different groups," the US president said.

Duo pleads guilty in TalkTalk breach

Two men were convicted in the UK for the 2015 TalkTalk breach after admitting their part in the attack that affected 160,000 customers.

Facebook and Google confirm falling victim to £77m phishing scam

Back in March, a Lithuanian man was arrested for duping two unnamed multinational internet companies via an email phishing attack.

OSX malware uses stolen certs and reads HTTPS traffic

Mac users beware as researchers have found yet another reason to rattle the false sense of security some may have concerning Macs and viruses.

Financial services sector most attacked in 2016

IBM's X-Force Research Team has found that cyber-criminals follow Willie Sutton's old-school, analog advice on why to rob banks because "that is where the money is."

Multiple groups likely collaborating on Shamoon

Multiple hacker groups may be collaborating on behalf of a nation-state actor, according to a new report.

Loads of NoTrove scam ads threaten consumers and digital advertising

A new threat actor identified as NoTrove is delivering millions of scam ads that threaten consumers and further undermine the digital advertising industry.