Tag: cybercrime
-
Warning: Malicious AI Tools Being Distributed as Chrome Extensions by Threat Actors
Cybercriminals are exploiting the growing popularity of artificial intelligence tools by distributing malicious Chrome browser extensions that masquerade as legitimate AI services. These fake extensions, mimicking popular AI platforms like ChatGPT, Claude, Perplexity, and Meta’s Llama, are designed to hijack user prompts and redirect them to attacker-controlled domains for malicious purposes. Security researchers from Palo…
-
Scattered Spider, ShinyHunters Restructure New Attacks Underway
Resecurity warns the “Trinity of Chaos” (LAPSUS$, ShinyHunters, Scattered Spider) is driving a global cybercrime wave, with major breaches undisclosed. A new Resecurity report has uncovered a rapidly unfolding”, and potentially much larger”, global cybercrime campaign led by the notorious alliance of LAPSUS$, ShinyHunters, and Scattered Spider. Contrary to recent claims of “retirement,” the so-called…
-
Lunar Spider Infected Windows Machine in Single Click and Harvested Login Credentials
A sophisticated cybercriminal group known as Lunar Spider successfully compromised a Windows machine through a single malicious click, establishing a foothold that allowed them to harvest credentials and maintain persistent access for nearly two months. The intrusion, which began in May 2024, demonstrates the evolving threat landscape where initial access can rapidly escalate to full…
-
Interpol operation disrupts romance scam and sextortion networks in Africa
Authorities arrested 260 cybercrime suspects during a two-week operation spanning 14 African countries, Interpol announced Friday. The globally coordinated summertime crackdown dubbed “Operation Contender 3.0” targeted criminal networks that facilitated romance scams and sextortion, officials said. Interpol said total losses attributed to the scam syndicates amounted to about $2.8 million, involving almost 1,500 victims. Authorities…
-
Pan-African Operation Leads to Arrest of 260 Suspected Cybercriminals in Crackdown on Romance Scams and Sextortion
In a blow to cybercrime in Africa, authorities across 14 countries have apprehended 260 suspects involved in large-scale online scams, seizing over 1,200 electronic devices in the process. This pan-African operation, carried out between July 28 and August 11, 2025, specifically targeted transnational cybercriminal networks engaged in romance scams and sextortion, two of the most…
-
Acreed Infostealer Gaining Popularity Among Cybercriminals for C2 via Steam Platform
Acreed, a novel infostealer first observed in February 2025, has rapidly gained traction among threat actors seeking discreet credential and cryptocurrency data harvesting. Leveraging a unique command-and-control (C2) mechanism via the Steam platform’s community profiles, Acreed exhibits advanced OPSEC measures and versatility that distinguish it from established stealers such as Lumma. Acreed noted on Russian…
-
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
-
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
-
Cybercriminals Exploit Facebook and Google Ads as Tools for Stealing Sensitive Data
Cybercriminals expand malvertising campaigns from Facebook to Google Ads and YouTube, hijacking accounts to distribute crypto-stealing malware targeting financial platform users worldwide. A sophisticated malvertising campaign that initially targeted Facebook users with fake TradingView Premium offers has significantly expanded its reach, now infiltrating Google Ads and YouTube to distribute advanced cryptocurrency-stealing malware. Bitdefender researchers, who…
-
New ModStealer Evades Antivirus, Targets macOS Users to Steal Sensitive Data
A sophisticated new malware strain targeting macOS users has emerged, capable of bypassing traditional antivirus solutions while specifically targeting developers and cryptocurrency holders. The cross-platform threat, dubbed ModStealer, represents the latest evolution in macOS-focused cybercrime, highlighting the growing security challenges facing Apple users in 2024. ModStealer was first identified by cybersecurity firm Mosyle and reported through…
-
SVG Files Abused to Deploy PureMiner Malware and Exfiltrate Data
Cybercriminals are exploiting SVG files as an initial attack vector in a multi-stage campaign designed to impersonate Ukrainian government communications. FortiGuard Labs has uncovered a sophisticated phishing campaign targeting Ukrainian government agencies through malicious Scalable Vector Graphics (SVG) files, ultimately deploying both cryptocurrency mining malware and information stealers to compromise victim systems. The attack begins…
-
Wachsende Bedrohungslage durch KI-Cyberkriminalität und neue Ansätze für mehr Resilienz
65 % der befragten IT-Führungskräfte halten ihre Systeme gegenüber KI-basierter Cyberkriminalität für unzureichend geschützt. Eine Lenovo-Studie zeigt eine wachsende Sicherheitslücke angesichts zunehmender KI-gestützter Cyberkriminalität: 65 % der befragten IT-Führungskräfte geben an, dass ihre Abwehrmechanismen veraltet sind und KI-Angriffen nicht standhalten können. Lediglich 31 % fühlen sich in der Lage, sich wirksam zu verteidigen. Diese… First…
-
Wachsende Bedrohungslage durch KI-Cyberkriminalität und neue Ansätze für mehr Resilienz
65 % der befragten IT-Führungskräfte halten ihre Systeme gegenüber KI-basierter Cyberkriminalität für unzureichend geschützt. Eine Lenovo-Studie zeigt eine wachsende Sicherheitslücke angesichts zunehmender KI-gestützter Cyberkriminalität: 65 % der befragten IT-Führungskräfte geben an, dass ihre Abwehrmechanismen veraltet sind und KI-Angriffen nicht standhalten können. Lediglich 31 % fühlen sich in der Lage, sich wirksam zu verteidigen. Diese… First…
-
Wachsende Bedrohungslage durch KI-Cyberkriminalität und neue Ansätze für mehr Resilienz
65 % der befragten IT-Führungskräfte halten ihre Systeme gegenüber KI-basierter Cyberkriminalität für unzureichend geschützt. Eine Lenovo-Studie zeigt eine wachsende Sicherheitslücke angesichts zunehmender KI-gestützter Cyberkriminalität: 65 % der befragten IT-Führungskräfte geben an, dass ihre Abwehrmechanismen veraltet sind und KI-Angriffen nicht standhalten können. Lediglich 31 % fühlen sich in der Lage, sich wirksam zu verteidigen. Diese… First…
-
Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue
The cyberattack on UK retailer Co-op in April caused empty shelves, customer data theft, and a $275M revenue loss. In May, the cybercrime group behind the April Co-op cyberattack, who go online with the name DragonForce, told the BBC that they had stolen data from the British retail and provided proof of the data breach.…
-
Africa cybercrime crackdown includes hundreds of arrests, Interpol says
Several African countries targeted transnational criminal networks that used social media and other digital platforms to run romance and sextortion scams, Interpol said. First seen on therecord.media Jump to article: therecord.media/africa-cyber-fraud-crackdown-ghana-senegal-cote-divoire-angola-interpol
-
As fraud surges, UK prepares to replace its broken reporting service
Action Fraud is out, and Report Fraud is in. U.K. authorities say the latest version of a national reporting center for financially motivated cybercrime and other fraud will go live later this year. First seen on therecord.media Jump to article: therecord.media/uk-action-fraud-replacement-report-fraud
-
As fraud surges, UK prepares to replace its broken reporting service
Action Fraud is out, and Report Fraud is in. U.K. authorities say the latest version of a national reporting center for financially motivated cybercrime and other fraud will go live later this year. First seen on therecord.media Jump to article: therecord.media/uk-action-fraud-replacement-report-fraud
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks
Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
-
Interpol Cracks Down on Large-Scale African Scamming Networks
The effort, named Operation Contender 3.0, led to the arrest of 260 suspected cybercriminals First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/interpol-african-scamming-networks/
-
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing. A sweeping law enforcement operation in May brought this all to an abrupt halt. After a quiet period, we are now seeing new variants of LummaStealer emerge. In light of…
-
SpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots Persist
Tags: access, ai, attack, breach, corporate, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, defense, endpoint, government, identity, intelligence, jobs, malware, monitoring, ransomware, risk, theft, threat57% lack strong capabilities to invalidate exposed sessionsNearly two-thirds lack repeatable remediation workflowsAbout two-thirds do not have formal investigation protocolsLess than 20% can automate identity remediation across systemsOnly 19% of organizations have automated identity remediation processes in place. The rest rely on case-by-case investigation or incomplete playbooks that leave gaps attackers can exploit.”The defense mission…
-
SpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots Persist
Tags: access, ai, attack, breach, corporate, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, defense, endpoint, government, identity, intelligence, jobs, malware, monitoring, ransomware, risk, theft, threat57% lack strong capabilities to invalidate exposed sessionsNearly two-thirds lack repeatable remediation workflowsAbout two-thirds do not have formal investigation protocolsLess than 20% can automate identity remediation across systemsOnly 19% of organizations have automated identity remediation processes in place. The rest rely on case-by-case investigation or incomplete playbooks that leave gaps attackers can exploit.”The defense mission…
-
Operation HAECHI VI seized $439M from global cybercrime rings
Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement operation, codenamed Operation HAECHI VI, resulted in the seizure of $439M in cash and crypto from cybercrime rings between April and August 2025. Authorities from 40 countries joint to…
-
Trinity of Chaos: The LAPSUS$, ShinyHunters, and Scattered Spider Alliance Embarks on Global Cybercrime Spree
Tags: cybercrimeFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/trinity-of-chaos-the-lapsus-shinyhunters-and-scattered-spider-alliance-embarks-on-global-cybercrime-spree
-
Mit ShadowV2 wird DDoS zu einem Cloud-nativen Abo-Dienst
DDos-Attacken sind mittlerweile als Auftragsmodell verfügbar, wie eine aktuelle Analyse zeigt.Laut einer Darktrace-Analyse nutzt eine ShadowV2-Bot-Kampagne falsch konfigurierte Docker-Container auf AWS und rüstet sie für DDoS-as-a-Service-Angriffe auf.Was ShadowV2 dabei besonders macht, ist die professionelle Ausstattung mit APIs, Dashboards, Betreiber-Logins und sogar animierten Benutzeroberflächen. ‘Dies ist eine weitere Erinnerung daran, dass Cyberkriminalität kein Nebenjob mehr ist,…
-
SpamGPT Amps Up Enterprise Email Security Threats
Researchers warn that SpamGPT, an AI-powered spam and phishing toolkit, lowers the barrier for cybercriminals with scalable, evasive email attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/spamgpt-amps-up-enterprise-email-security-threats/