#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

crypter | Breaking Cybersecurity News | The Hacker News

Category — crypter
Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups

Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups

Jun 13, 2024 Cyber Crime / Ransomware
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs. The product is believed to have been offered to the Conti and LockBit ransomware syndicates that then used the crypter to disguise the file-encrypting malware and launch successful attacks. "And at the end of 2021, members of the [Conti] group infected the computer networks of enterprises in the Netherlands and Belgium with hidden malware," according to a translated version of the statement released by the agency. As part of the investigation, authorities conducted searches in Kyiv and Kharkiv, and seized computer equipment, mobile phones, and notebooks. If found guilty, the defendant is expected to face up to 15 years ...
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

Nov 20, 2023 Malware / Cyber Attack
The stealer malware known as  LummaC2  (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to "delay detonation of the sample until human mouse activity is detected," Outpost24 security researcher Alberto MarĂ­n  said  in a technical report shared with The Hacker News. Written in the C programming language, LummaC2 has been sold in underground forums since December 2022. The malware has since  received   iterative updates  that make it harder to analyze via control flow flattening and even allow it to deliver additional payloads. The current version of LummaC2 (v4.0) also requires its customers to use a  crypter  as an added concealing mechanism, not to mention prevent it from being leaked in its raw form. Another noteworthy update is the reliance on trigonometry to detect ...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar

Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar

Sep 29, 2023 Malware / Cyber Threat
Threat actors are selling a new crypter and loader called  ASMCrypt , which has been described as an "evolved version" of another loader malware known as DoubleFinger. "The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.," Kaspersky  said  in an analysis published this week. DoubleFinger was  first documented  by the Russian cybersecurity company, detailing infection chains leveraging the malware to propagate a cryptocurrency stealer dubbed GreetingGhoul to victims in Europe, the U.S., and Latin America. ASMCrypt, once purchased and launched by the customers, is designed to establish contact with a backend service over the TOR network using hard-coded credentials, thereby enabling the buyers to build payloads of their choice for use in their campaigns. "The application creates an encrypted blob hidden inside a .PNG file," Kaspersky said. "This image mus...
cyber security

The AppSec & R&D Playbook: How to Align Security and Innovation

websiteBackslashApplication Security
AppSec vs. R&D? Bridge the gap with clear steps to streamline workflows and foster collaboration.
Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware

Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware

Aug 18, 2022
A .NET-based evasive crypter named  DarkTortilla  has been used by threat actors to distribute a broad array of commodity malware as well as targeted payloads like Cobalt Strike and Metasploit, likely  since 2015 . "It can also deliver 'add-on packages' such as additional malicious payloads, benign decoy documents, and executables," cybersecurity firm Secureworks  said  in a Wednesday report. "It features robust anti-analysis and anti-tamper controls that can make detection, analysis, and eradication challenging." Malware delivered by the crypter includes information steakers and remote access trojans (RATs) such as Agent Tesla, AsyncRat, NanoCore, and RedLine Stealer. "DarkTortilla has versatility that similar malware does not," the researchers noted. Crypters are  software tools  that use a  combination  of encryption, obfuscation, and code manipulation of malware so as to  bypass detection  by security solutions. The delive...
'Paunch', Blackhole exploit kit creator and Gang arrested in Russia

'Paunch', Blackhole exploit kit creator and Gang arrested in Russia

Dec 07, 2013
In October, we had reported that the creator of the infamous Blackhole  exploit kit was  arrested in Russia  and now the Russian Ministry of Internal Affairs has also confirmed that ' Paunch ', the mastermind behind infamous  BlackHole  exploit kit, along with Gang of 12 other criminals were arrested on October 4, 2013 in Russia. Russian security firm Group-IB has disclosed that it has assisted the police in the investigation of Paunch, who was residing in the city of Togliatti . 27-years old ' Paunch ' is the author of the notorious BlackHole and Cool exploit kits that are today popular among cybercriminals and costs $500 to $700 a month in for buyers. Cool and Blackhole exploit kits are the ready-made hacking tools for easily serving malware from compromised sites, in result to install malware on users' computers using exploits of zero-day vulnerabilities in latest web browsers. The general damage caused by the criminal gang is estimated aroun...
Expert Insights / Articles Videos
Cybersecurity Resources