Tag: cybercrime
-
KI Kriminalität: Wenn der Betrug auf Autopilot läuft
Künstliche Intelligenz ermöglicht eine neue Form der Cyberkriminalität, die auf Autopilot läuft. Die Täter brauchen kein Fachwissen mehr. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/online-betrug/ki-kriminalitaet-wenn-der-betrug-auf-autopilot-laeuft-323097.html
-
The Human Perimeter: How the COM Became a Cybercrime Powerhouse
The COM’s rise highlights how attackers increasingly exploit identity and trust to drive modern cybercrime. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/the-human-perimeter-how-the-com-became-a-cybercrime-powerhouse/
-
The Human Perimeter: How the COM Became a Cybercrime Powerhouse
The COM’s rise highlights how attackers increasingly exploit identity and trust to drive modern cybercrime. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/the-human-perimeter-how-the-com-became-a-cybercrime-powerhouse/
-
North Korean Hackers Breach 136 U.S. Companies, Earning $2.2 Million
The U.S. Justice Department has announced a significant crackdown on North Korean cybercrime operations, securing five guilty pleas and initiating civil forfeiture actions totaling over $15 million against schemes orchestrated by the Democratic People’s Republic of Korea (DPRK). The elaborate fraud network impacted more than 136 American companies, generating $2.2 million for the North Korean…
-
Document Tech Firm Hit as New Cyber Gang Expands Reach
Kazu Demands $200K Ransom, Begins Leaking 1.2M Stolen Patient Records. Kazu, a relative newcomer among cybercrime gangs, is threatening to post 353 gigabytes of data allegedly stolen in recent weeks from Doctor Alliance, a Texas-based company that provides document and billing management technology and services to physician practices. The attack appears to be the gang’s…
-
Western governments disrupt trifecta of cybercrime tools
Authorities seized more than 1,000 servers and 20 domains in the operation. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/operation-endgame-third-phase-infostealer-rat-botnet/805549/
-
CISA flags imminent threat as Akira ransomware starts hitting Nutanix AHV
Advisory updated as leading cybercrime crew opens up its target pool First seen on theregister.com Jump to article: www.theregister.com/2025/11/14/cisa_akira_ransomware/
-
Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials
Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm is a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials, recording keystrokes, and installing ransomware. Security researchers have uncovered an active malware distribution operation using Visual Basic Script attachments disguised as routine business correspondence, representing a dangerous evolution of social…
-
Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials
Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm is a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials, recording keystrokes, and installing ransomware. Security researchers have uncovered an active malware distribution operation using Visual Basic Script attachments disguised as routine business correspondence, representing a dangerous evolution of social…
-
Cybercriminals Use Fake Invoices to Deploy XWorm and Steal Login Credentials
Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm is a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials, recording keystrokes, and installing ransomware. Security researchers have uncovered an active malware distribution operation using Visual Basic Script attachments disguised as routine business correspondence, representing a dangerous evolution of social…
-
Für Cybercrime-Forschung: Dienstleister spendet von Hackern gefordertes Lösegeld
Ein Cyberangriff hat den Zahlungsdienstleister Checkout.com getroffen. Dieser zahlt das Lösegeld – allerdings nicht an die Angreifer. First seen on golem.de Jump to article: www.golem.de/news/fuer-cybercrime-forschung-dienstleister-spendet-von-hackern-gefordertes-loesegeld-2511-202195.html
-
Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques
Tags: automation, credentials, cyber, cybercrime, data, finance, framework, group, phishing, risk, service, theftResearchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion techniques, and Telegram-based data exfiltration. The kit targets explicitly Aruba S.p.A., an Italian IT services provider serving over 5.4 million customers, highlighting the significant financial and operational risks posed by modern phishing-as-a-service operations. The analyzed…
-
Clop claims it hacked ‘the NHS.’ Which bit? Your guess is as good as theirs
Cybercrime crew has ravaged multiple private organizations using Oracle EBS zero-day for months First seen on theregister.com Jump to article: www.theregister.com/2025/11/14/nhs_clop/
-
Malvertising-Netzwerk namens Payroll Pirates entdeckt
Ein Forschungsteam von Check Point Software Technologies hat ein weit verzweigtes Cybercrime-Netzwerk aufgedeckt, das legitime Online-Werbeplattformen gezielt missbraucht. Die Gruppe, die unter dem Namen ‘Payroll Pirates” bekannt ist, hat sich seit Mitte 2023 darauf spezialisiert, Gehalts- und Finanzsysteme zu manipulieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/malvertising-netzwerk-payroll-pirates
-
Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage
Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party cloud system. Luckily, Checkout.com’s live payment processing environment was not affected, and no merchant funds or card numbers were accessed. The company revealed that the breach happened last week when…
-
Malvertising-Netzwerk namens Payroll Pirates entdeckt
Ein Forschungsteam von Check Point Software Technologies hat ein weit verzweigtes Cybercrime-Netzwerk aufgedeckt, das legitime Online-Werbeplattformen gezielt missbraucht. Die Gruppe, die unter dem Namen ‘Payroll Pirates” bekannt ist, hat sich seit Mitte 2023 darauf spezialisiert, Gehalts- und Finanzsysteme zu manipulieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/malvertising-netzwerk-payroll-pirates
-
Crypto Exchanges Hacked Again for Over $100 Million
Tags: crypto, cybercrime, cybersecurity, data, exploit, finance, linkedin, service, software, theft, vulnerabilityCybercriminals continue to target the cryptocurrency industry, this time with an exploit that affected the Balancer decentralized finance platform, with total losses exceeding $100 million and involving several exchanges that use the software across multiple chains. Some of the money was recovered, but over $90 million has been converted to Ethereum by the criminals, likely…
-
UK NHS Named in Clop Gang’s Exploits of Oracle Zero-Days
British Health System Investigates Claim Amid Wave of Enterprise Data Thefts. Ransomware gang Clop has claimed the United Kingdom’s National Health Service among its latest victims. The NHS confirmed that it is listed on a cybercriminal group’s dark website, but did not comment on Clop’s claims. The hack attack appears tied to Oracle E-Business Suite…
-
Ransomed CTO falls on sword, refuses to pay extortion demand
Checkout.com will instead donate the amount to fund cybercrime research First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/ransomed_cto_refuses_extortion_demand/
-
Police take down three cybercrime operations in latest round of ‘whackmole’
Authorities from nine countries took down three cybercrime operations, including the Rhadamantys infostealer, which allegedly had access to the crypto wallets of more than 100,000 victims. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/13/police-take-down-three-cybercrime-operations-in-latest-round-of-whack-a-mole/
-
A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet
Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame, carried out between November 10 and 13, 2025, dismantling major malware families including Rhadamanthys Stealer, Venom RAT, and the Elysium botnet as part of a global effort…
-
Phishing Emails Alert: How Spam Filters Can Steal Your Email Logins in an Instant
Cybercriminals have launched a sophisticated phishing campaign that exploits trust in internal security systems by spoofing email delivery notifications to appear as legitimate spam-filter alerts within organizations. These deceptive emails are designed to steal login credentials that could compromise email accounts, cloud storage, and other sensitive systems. “‹ The attack begins with an email claiming…
-
Legitime Werbeplattformen als Einfallstore für Cyberangriffe
Check Point Software Technologies hat mithilfe seines External-Risk-Management-Teams ein weit verzweigtes Cybercrime-Netzwerk aufgedeckt. Dieses verwandelt legitime Werbeplattformen in Einfallstore für Cyber-Angriffe. Der unter dem Codenamen bekannte Zusammenschluss zielt seit Mitte 2023 auf Gehaltsabrechnungs- und Finanzsysteme ab, um Zugangsdaten zu stehlen und Gehaltszahlungen umzuleiten. Dabei ist dies nicht nur ein Zusammenschluss unabhängiger Täter, sondern […] First…
-
Operation Endgame schaltet Schadsoftware ab
Ermittler aus Deutschland sind gemeinsam mit internationalen Partnern erneut erfolgreich gegen Cyberkriminalität vorgegangen. BundeskriminalamtDank globaler Zusammenarbeit ist Ermittlern ein Schlag gegen die Verbreitung von Schadsoftware gelungen. Man habe “einen der gefährlichsten Stealer und einen der meistgenutzten Trojaner weltweit unschädlich gemacht”, teilten die Zentralstelle zur Bekämpfung der Internetkriminalität und das Bundeskriminalamt (BKA) mit. Solche Systeme nisten sich…
-
Operation Endgame: Police reveal takedowns of three key cybercrime tools
The Rhadamanthys infostealer, the VenomRAT remote access trojan and the Elysium botnet were targeted in the latest phase of the international police action known as Operation Endgame. First seen on therecord.media Jump to article: therecord.media/operation-endgame-cybercrime-takedowns-rhadamanthys-venomrat-elysium
-
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully dismantled three major threats to global cybersecurity: the infamous Rhadamanthys infostealer, the VenomRAT remote access trojan, and the Elysium botnet. This remarkable international…
-
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully dismantled three major threats to global cybersecurity: the infamous Rhadamanthys infostealer, the VenomRAT remote access trojan, and the Elysium botnet. This remarkable international…
-
Beware of Fake Bitcoin Tools Concealing DarkComet RAT Malware
A newly discovered malware campaign is leveraging one of cybercriminals’ most effective lures cryptocurrency to distribute DarkComet RAT. This notorious remote access trojan continues to plague users despite being discontinued by its creator years ago. Security researchers have identified a suspicious executable masquerading as a Bitcoin wallet application, which, when executed, silently deploys the full…
-
Google asks US court to shut down Lighthouse phishing-as-a-service operation
Tags: control, crime, cyber, cybercrime, cybersecurity, email, google, government, incident response, law, malicious, network, phishing, risk, sans, scam, service, smishing, technology, threatWill have ‘minimal impact’: Ed Dubrovsky, chief operating officer of incident response firm Cypher, is skeptical of the effectiveness of court action. Phishing-as-a-service operations don’t have to be on American soil, he explained, so court orders and legislation will likely have minimal impact on smishing or phishing attacks.”However,” he added, “I can understand that even…