Tag: cybercrime

Germany doxxes Conti ransomware and TrickBot ring leader

May 30, 2025 6:55 PM

Tags: cybercrime, germany, office, ransomware, russia

The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich Kovalev. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/germany-doxxes-conti-ransomware-and-trickbot-ring-leader/
Cops in Germany Claim They’ve ID’d the Mysterious Trickbot Ransomware Kingpin

May 30, 2025 3:55 PM

Tags: cybercrime, germany, group, law, ransomware

The elusive boss of the Trickbot and Conti cybercriminal groups has been known only as “Stern.” Now, German law enforcement has published his alleged identity”, and it’s a familiar face. First seen on wired.com Jump to article: www.wired.com/story/stern-trickbot-identified-germany-bka/
Hackers Use AI-Generated Videos on TikTok to Spread Info-Stealing Malware

May 30, 2025 1:55 PM

Tags: ai, cyber, cybercrime, data, exploit, hacker, malicious, malware, powershell, software, threat

TrendMicro has uncovered a sophisticated campaign where threat actors are exploiting TikTok to distribute information-stealing malware. By leveraging AI-generated videos posing as tutorials for unlocking pirated software, cybercriminals trick unsuspecting viewers into executing malicious PowerShell commands. These commands download dangerous malware strains such as Vidar and StealC, designed to harvest sensitive data from infected systems.…
Chinese Phishing Service Haozi Resurfaces, Fueling Criminal Profits

May 30, 2025 12:55 PM

Tags: china, cybercrime, phishing, service, skills

A Chinese-language PhaaS platform Haozi is making cybercrime easy with no tech skills needed. Discover how this plug-and-play service facilitated over $280,000 in illicit transactions. First seen on hackread.com Jump to article: hackread.com/chinese-phishing-service-haozi-criminal-profits/
Treasury sanctions crypto scam facilitator that allegedly stole $200M from US victims

May 29, 2025 9:55 PM

Tags: crypto, cybercrime, scam

The Philippines-based company Funnull operated a large cybercrime platform encompassing more than 332,000 domains, the FBI said. First seen on cyberscoop.com Jump to article: cyberscoop.com/funnull-cryptocurrency-scam-sanctions/
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools

May 29, 2025 6:55 PM

Tags: ai, chatgpt, cisco, cybercrime, intelligence, malware, openai, powershell, ransomware, threat, tool

Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as the CyberLock and Lucky_Gh0$t ransomware families, and a new malware dubbed Numero.”CyberLock ransomware, developed using PowerShell, primarily focuses on encrypting specific files on the victim’s system,” Cisco Talos researcher Chetan…
Cybercriminals exploit AI hype to spread ransomware, malware

May 29, 2025 4:55 PM

Tags: ai, cybercrime, exploit, malicious, malware, ransomware, threat, tool

Threat actors linked to lesser-known ransomware and malware projects now use AI tools as lures to infect unsuspecting victims with malicious payloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cybercriminals-exploit-ai-hype-to-spread-ransomware-malware/
Cybercriminals camouflaging threats as AI tool installers

May 29, 2025 12:55 PM

Tags: ai, cisco, cybercrime, malware, ransomware, threat, tool

Cisco Talos has uncovered new threats, including ransomware like CyberLock and Lucky_Gh0$t, and a destructive malware called Numero, all disguised as legitimate AI tool installers to target victims. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/fake-ai-tool-installers/
6 rising malware trends every security pro should know

May 29, 2025 8:55 AM

Tags: adobe, ai, antivirus, apple, attack, awareness, backdoor, business, captcha, cloud, corporate, cybercrime, data, defense, detection, encryption, endpoint, exploit, extortion, framework, group, hacking, incident response, infrastructure, intelligence, Internet, law, leak, macOS, malicious, malware, network, password, phishing, powershell, programming, pypi, ransom, ransomware, service, social-engineering, software, supply-chain, tactics, theft, threat, tool, update, vulnerability, worm

Malicious packages targeting developer environments: Threat actors are systematically compromising the software supply chain by embedding malicious code within legitimate development tools, libraries, and frameworks that organizations use to build applications.”These supply chain attacks exploit the trust between developers and package repositories,” Immersive’s McCarthy tells CSO. “Malicious packages often mimic legitimate ones while running harmful…
Separating hype from reality: How cybercriminals are actually using AI

May 28, 2025 10:55 PM

Tags: ai, attack, automation, cyber, cyberattack, cybercrime, cybersecurity, data, defense, exploit, framework, group, incident response, malicious, mitre, strategy, technology, threat, vulnerability, zero-day

The evolution of AI: Preparing defenders for tomorrow’s threats: As security professionals chart their defensive strategies, we must consider how AI will reshape cybercrime in the coming years. We also need to anticipate the fundamental pivots attackers will make, and what this evolution means for our entire industry. AI will inevitably impact vulnerability discovery, enable…
Ex-White House adviser warns on cybercrime surge

May 28, 2025 10:55 PM

Tags: cybercrime

First seen on scworld.com Jump to article: www.scworld.com/brief/ex-white-house-adviser-warns-on-cybercrime-surge
Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘RentBank-Account’ Scam

May 28, 2025 7:55 PM

Tags: cyber, cybercrime, exploit, finance, fraud, scam, vulnerability

Cybercriminals are exploiting vulnerable individuals by transforming them into unwitting money mules through a sophisticated fraud known as the ‘rent-a-bank-account’ scam. This scam involves fraudsters enticing people, often those in financial distress, with promises of quick cash in exchange for temporarily “lending” their bank accounts for transactions. Luring Victims with Promises of Easy Money A…
Dark Partners cybercrime gang fuels large-scale crypto heists

May 28, 2025 6:54 PM

Tags: ai, attack, crypto, cybercrime, network, software, theft, threat, vpn

A sprawling network of fake AI, VPN, and crypto software download sites is being used by the “Dark Partner” threat actors to conduct a crypto theft attacks worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dark-partners-cybercrime-gang-fuels-large-scale-crypto-heists/
The latest in phishing scams: stealing your information through fake online forms

May 28, 2025 3:55 PM

Tags: attack, cybercrime, exploit, phishing, scam, tactics, technology, threat
How ‘Browserthe-Middle’ Attacks Steal Sessions in Seconds

May 28, 2025 12:55 PM

Tags: attack, computer, control, cybercrime, data, password, service

Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if they fall victim to a Browser-in-the-Middle (BitM) attack.Like Man-in-the-Middle (MitM) attacks, BiTM sees criminals look to control the data flow between the victim’s computer…
‘Secure email’: A losing battle CISOs must give up

May 28, 2025 10:55 AM

Tags: access, attack, authentication, business, cisco, ciso, communications, compliance, corporate, credentials, cyber, cybercrime, data, dkim, dmarc, dns, email, encryption, finance, google, Internet, mail, mfa, microsoft, mobile, password, phishing, risk, service, threat, tool, windows

End-to-end encryption remains elusive: Email continues to be the dominant electronic communication tool today because it is well understood, relatively easy to use, and relatively inexpensive. By and large, businesses have approved email for sending confidential information, and we often convince ourselves that it is secure, can be secured with third-party tools, or it’s “good…
Operation Endgame gelingt Schlag gegen Cyberkriminalität

May 28, 2025 8:54 AM

Tags: cybercrime, malware

Internationalen Strafverfolgungsbehörden ist es bei der gemeinsamen Operation Endgame gelungen, die DanaBot-Malware zu neutralisieren und 16 Hintermänner festzunehmen. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/operation-endgame-gelingt-schlag-gegen-cyberkriminalitat
Indian Police Arrest Cybercrime Gang Copycats of Myanmar Biz Model

May 28, 2025 5:54 AM

Tags: cybercrime, india, law

The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws, all of which attract businesses legitimate and shady. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/indian-police-arrest-cybercrime-gang-copycats-myanmar-biz-model
Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets

May 27, 2025 10:54 PM

Tags: access, antivirus, credentials, crypto, cybercrime, cybersecurity, finance, malicious, rat, software

Cybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe victims into downloading a remote access trojan called Venom RAT.The campaign indicates a “clear intent to target individuals for financial gain by compromising their credentials, crypto wallets, and potentially selling access to their systems,” the…
Danabot Takedown Deals Blow to Russian Cybercrime

May 27, 2025 7:54 PM

Tags: botnet, cybercrime, infrastructure, russia

A multiyear investigation by a public-private partnership has resulted in the seizure of the botnet’s US-based infrastructure and indictments for its key players, significantly disrupting a vast cybercriminal enterprise. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/danabot-takedown-russian-cybercrime
US authorities charge 16 in operation to disrupt DanaBot malware

May 27, 2025 5:54 PM

Tags: computer, cybercrime, group, malicious, malware, russia

Authorities said malware linked to Russia-based cybercrime group infected more than 300,000 computers around the world with the malicious code. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/us-authorities-disrupt-danabot-malware/748991/
Adidas Customer Information Compromised Through Third-Party Vendor

May 27, 2025 1:54 PM

Tags: breach, cyber, cybercrime, data, data-breach, password, service

German sportswear giant Adidas has confirmed a data breach after cybercriminals accessed customer data through a third-party customer service provider. The breach, disclosed on May 23, 2025, did not involve sensitive information such as passwords or payment details but did expose the contact information of customers who had previously interacted with Adidas’ help desk. This…
Hackers Reportedly Selling Over 500 Stolen Crypto Databases on Dark-Web Forums

May 26, 2025 8:54 PM

Tags: breach, crypto, cyber, cybercrime, cybersecurity, dark-web, hacker, threat

A hackers has made news by allegedly selling a ZIP archive containing more than 500 compromised databases, which seems to be a serious blow to the cybersecurity of several cryptocurrency companies. This clandestine operation, taking place on dark-web forums, showcases the growing threat landscape within the crypto space where cybercriminals are increasingly targeting valuable digital…
Fake software activation videos on TikTok spread Vidar, StealC

May 26, 2025 11:54 AM

Tags: ai, attack, cybercrime, malware, powershell, software, tool

Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks. Cybercriminals leverage AI-generated TikTok videos in ClickFix attacks to spread Vidar and StealC malware, reports Trend Micro. These videos trick users into running PowerShell commands disguised as software activation steps for tools like…
Cyber threats are changing and here’s what you should watch for

May 26, 2025 6:54 AM

Tags: cyber, cybercrime, intelligence, tactics, threat

In this Help Net Security video, Stefan Tanase, Cyber Intelligence Expert at CSIS, gives an overview of how cybercriminals are changing their tactics, including using … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/26/cyber-threats-2025-video/
Security Affairs newsletter Round 525 by Pierluigi Paganini INTERNATIONAL EDITION

May 25, 2025 3:54 PM

Tags: cybercrime, email, group, international, law, network, ransom, WeeklyReview

A new round of the weekly Securitythe weekly Security Affairs newsletterAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Silent Ransom Group targeting law firms, the FBI warns Leader of Qakbot cybercrime network…
Leader of Qakbot cybercrime network indicted in U.S. crackdown

May 24, 2025 1:55 PM

Tags: botnet, computer, cybercrime, network, ransomware, russia

The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks. The U.S. authorities have indicted Russian national Rustam Gallyamov, the leader of the Qakbot operation, which infected over 700,000 computers and facilitated ransomware attacks. Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an…
NC Pathology Practice Notifying 236,000 of Data Theft Hack

May 24, 2025 12:55 AM

Tags: breach, cybercrime, data, group, hacker, hacking, ransom, ransomware, theft

Did Marlboro-Chesterfield Pathology Pay Cybercrime Gang Safepay a Ransom?. A North Carolina pathology practice is notifying nearly 236,000 patients of a hacking incident discovered in January. Marlboro-Chesterfield Pathology says it took steps to ensure the hackers deleted its stolen data. Newcomer ransomware group Safepay is apparently the culprit in the attack. First seen on govinfosecurity.com…
Cybersecurity Snapshot: AI Data Security Best Practices Released, While New Framework Seeks To Help IT Pros Gain Cyber Skills

May 23, 2025 11:55 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, cctv, cisa, cloud, computer, control, credentials, crypto, cyber, cybercrime, cybersecurity, data, detection, email, espionage, exploit, finance, framework, germany, group, Hardware, infrastructure, injection, intelligence, iot, kev, law, linux, malware, metric, mfa, military, mitigation, network, nist, open-source, organized, passkey, password, phishing, risk, russia, skills, software, sql, tactics, technology, tool, training, ukraine, unauthorized, update, vpn, vulnerability, wifi, zero-trust

Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware campaign targeting critical infrastructure orgs. And get the latest on Russian cyber espionage and on a NIST effort to enhance vulnerability prioritization. Dive into five things that…
ConnectWise ScreenConnect Tops List of Abused RATs in 2025 Attacks

May 23, 2025 10:55 PM

Tags: access, attack, cybercrime, intelligence, malware, rat, tool

Cofense Intelligence’s May 2025 report exposes how cybercriminals are abusing legitimate Remote Access Tools (RATs) like ConnectWise and Splashtop to deliver malware and steal data. Learn about this growing threat. First seen on hackread.com Jump to article: hackread.com/connectwise-screenconnect-tops-abused-rats-2025/