#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Crimeware | Breaking Cybersecurity News | The Hacker News

Category — Crimeware
SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims

Nov 07, 2024 Cryptocurrency / Malware
An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024. Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRh(ight)adamantys . Targeted regions include the United States, Europe, East Asia, and South America. "The campaign impersonates dozens of companies, while each email is sent to a specific targeted entity from a different Gmail account, adapting the impersonated company and the language per targeted entity," the company said in a technical analysis. "Almost 70% of the impersonated companies are from the Entertainment /Media and Technology/Software sectors." The attacks are notable for the deployment of version 0.7 of the Rhadamanthys stealer, which, as detailed by Recorded Future's Insikt Group early last month, incorporates artificial intelligence (AI) for optical character recognition
Beware: New DoubleFinger Loader Targets Cryptocurrency Wallets with Stealer

Beware: New DoubleFinger Loader Targets Cryptocurrency Wallets with Stealer

Jun 13, 2023 Crimeware / Cryptocurrency
A novel multi-stage loader called  DoubleFinger  has been observed delivering a cryptocurrency stealer dubbed GreetingGhoul in what's an advanced attack targeting users in Europe, the U.S., and Latin America. "DoubleFinger is deployed on the target machine, when the victim opens a malicious PIF attachment in an email message, ultimately executing the first of DoubleFinger's loader stages," Kaspersky researcher Sergey Lozhkin  said  in a Monday report. The starting point of the attacks is a modified version of  espexe.exe  – which refers to Microsoft Windows Economical Service Provider application – that's engineered to execute shellcode responsible for retrieving a PNG image file from the image hosting service Imgur. The image employs steganographic trickery to conceal an encrypted payload that triggers a four-stage compromise chain which eventually culminates in the execution of the GreetingGhoul stealer on the infected host. A notable aspect of GreetingGho
cyber security

Online Master's in Applied Intelligence

websiteGeorgetown UniversityCyber Security
More than 90% of respondents expressed concern over their team and tooling's ability to detect identity-based attacks. Learn about critical gaps in security programs and what environments pose the most risk to security teams. Download the Report.
Latvian Woman Charged for Her Role in Creating Trickbot Banking Malware

Latvian Woman Charged for Her Role in Creating Trickbot Banking Malware

Jun 07, 2021
The U.S. Department of Justice (DoJ) on Friday charged a Latvian woman for her alleged role as a programmer in a cybercrime gang that helped develop TrickBot malware. The woman in question, Alla Witte , aka Max, 55, who resided in Paramaribo, Suriname, was arrested in Miami, Florida on February 6. Witte has been charged with 19 counts, including conspiracy to commit computer fraud and aggravated identity theft, wire and bank fraud affecting a financial institution, and money laundering. According to heavily redacted court documents released by the DoJ, Witte and 16 other unnamed cohorts have been accused of running a transnational criminal organization to develop and deploy a digital suite of malware tools with an aim to target businesses and individuals worldwide for theft and ransom. Since its origin as a banking Trojan in late 2015,  TrickBot  has evolved into a " crimeware-as-a-service " capable of pilfering valuable personal and financial information and even droppi
cyber security

Permiso Security's 2024 State of Identity Security Report

websitePermisoThreat Detection / Identity Security
More than 90% of respondents expressed concern over their team and tooling's ability to detect identity-based attacks. Learn about critical gaps in security programs and what environments pose the most risk to security teams. Download the Report.
Cybersecurity
Expert Insights / Articles Videos
Cybersecurity Resources