Tag: cybercrime
-
Clop claims it hacked ‘the NHS.’ Which bit? Your guess is as good as theirs
Cybercrime crew has ravaged multiple private organizations using Oracle EBS zero-day for months First seen on theregister.com Jump to article: www.theregister.com/2025/11/14/nhs_clop/
-
Malvertising-Netzwerk namens Payroll Pirates entdeckt
Ein Forschungsteam von Check Point Software Technologies hat ein weit verzweigtes Cybercrime-Netzwerk aufgedeckt, das legitime Online-Werbeplattformen gezielt missbraucht. Die Gruppe, die unter dem Namen ‘Payroll Pirates” bekannt ist, hat sich seit Mitte 2023 darauf spezialisiert, Gehalts- und Finanzsysteme zu manipulieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/malvertising-netzwerk-payroll-pirates
-
Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage
Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party cloud system. Luckily, Checkout.com’s live payment processing environment was not affected, and no merchant funds or card numbers were accessed. The company revealed that the breach happened last week when…
-
Malvertising-Netzwerk namens Payroll Pirates entdeckt
Ein Forschungsteam von Check Point Software Technologies hat ein weit verzweigtes Cybercrime-Netzwerk aufgedeckt, das legitime Online-Werbeplattformen gezielt missbraucht. Die Gruppe, die unter dem Namen ‘Payroll Pirates” bekannt ist, hat sich seit Mitte 2023 darauf spezialisiert, Gehalts- und Finanzsysteme zu manipulieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/malvertising-netzwerk-payroll-pirates
-
Crypto Exchanges Hacked Again for Over $100 Million
Tags: crypto, cybercrime, cybersecurity, data, exploit, finance, linkedin, service, software, theft, vulnerabilityCybercriminals continue to target the cryptocurrency industry, this time with an exploit that affected the Balancer decentralized finance platform, with total losses exceeding $100 million and involving several exchanges that use the software across multiple chains. Some of the money was recovered, but over $90 million has been converted to Ethereum by the criminals, likely…
-
UK NHS Named in Clop Gang’s Exploits of Oracle Zero-Days
British Health System Investigates Claim Amid Wave of Enterprise Data Thefts. Ransomware gang Clop has claimed the United Kingdom’s National Health Service among its latest victims. The NHS confirmed that it is listed on a cybercriminal group’s dark website, but did not comment on Clop’s claims. The hack attack appears tied to Oracle E-Business Suite…
-
Ransomed CTO falls on sword, refuses to pay extortion demand
Checkout.com will instead donate the amount to fund cybercrime research First seen on theregister.com Jump to article: www.theregister.com/2025/11/13/ransomed_cto_refuses_extortion_demand/
-
Police take down three cybercrime operations in latest round of ‘whackmole’
Authorities from nine countries took down three cybercrime operations, including the Rhadamantys infostealer, which allegedly had access to the crypto wallets of more than 100,000 victims. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/13/police-take-down-three-cybercrime-operations-in-latest-round-of-whack-a-mole/
-
A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet
Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame, carried out between November 10 and 13, 2025, dismantling major malware families including Rhadamanthys Stealer, Venom RAT, and the Elysium botnet as part of a global effort…
-
Phishing Emails Alert: How Spam Filters Can Steal Your Email Logins in an Instant
Cybercriminals have launched a sophisticated phishing campaign that exploits trust in internal security systems by spoofing email delivery notifications to appear as legitimate spam-filter alerts within organizations. These deceptive emails are designed to steal login credentials that could compromise email accounts, cloud storage, and other sensitive systems. “‹ The attack begins with an email claiming…
-
Operation Endgame schaltet Schadsoftware ab
Ermittler aus Deutschland sind gemeinsam mit internationalen Partnern erneut erfolgreich gegen Cyberkriminalität vorgegangen. BundeskriminalamtDank globaler Zusammenarbeit ist Ermittlern ein Schlag gegen die Verbreitung von Schadsoftware gelungen. Man habe “einen der gefährlichsten Stealer und einen der meistgenutzten Trojaner weltweit unschädlich gemacht”, teilten die Zentralstelle zur Bekämpfung der Internetkriminalität und das Bundeskriminalamt (BKA) mit. Solche Systeme nisten sich…
-
Operation Endgame: Police reveal takedowns of three key cybercrime tools
The Rhadamanthys infostealer, the VenomRAT remote access trojan and the Elysium botnet were targeted in the latest phase of the international police action known as Operation Endgame. First seen on therecord.media Jump to article: therecord.media/operation-endgame-cybercrime-takedowns-rhadamanthys-venomrat-elysium
-
Legitime Werbeplattformen als Einfallstore für Cyberangriffe
Check Point Software Technologies hat mithilfe seines External-Risk-Management-Teams ein weit verzweigtes Cybercrime-Netzwerk aufgedeckt. Dieses verwandelt legitime Werbeplattformen in Einfallstore für Cyber-Angriffe. Der unter dem Codenamen bekannte Zusammenschluss zielt seit Mitte 2023 auf Gehaltsabrechnungs- und Finanzsysteme ab, um Zugangsdaten zu stehlen und Gehaltszahlungen umzuleiten. Dabei ist dies nicht nur ein Zusammenschluss unabhängiger Täter, sondern […] First…
-
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully dismantled three major threats to global cybersecurity: the infamous Rhadamanthys infostealer, the VenomRAT remote access trojan, and the Elysium botnet. This remarkable international…
-
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully dismantled three major threats to global cybersecurity: the infamous Rhadamanthys infostealer, the VenomRAT remote access trojan, and the Elysium botnet. This remarkable international…
-
Beware of Fake Bitcoin Tools Concealing DarkComet RAT Malware
A newly discovered malware campaign is leveraging one of cybercriminals’ most effective lures cryptocurrency to distribute DarkComet RAT. This notorious remote access trojan continues to plague users despite being discontinued by its creator years ago. Security researchers have identified a suspicious executable masquerading as a Bitcoin wallet application, which, when executed, silently deploys the full…
-
Google asks US court to shut down Lighthouse phishing-as-a-service operation
Tags: control, crime, cyber, cybercrime, cybersecurity, email, google, government, incident response, law, malicious, network, phishing, risk, sans, scam, service, smishing, technology, threatWill have ‘minimal impact’: Ed Dubrovsky, chief operating officer of incident response firm Cypher, is skeptical of the effectiveness of court action. Phishing-as-a-service operations don’t have to be on American soil, he explained, so court orders and legislation will likely have minimal impact on smishing or phishing attacks.”However,” he added, “I can understand that even…
-
Google sues cybercriminal group Smishing Triad
Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely based in China that is behind a massive text message phishing operation, or “smishing.” The organization uses a phishing-as-a-service kit named “Lighthouse” to steal sensitive financial information by sending…
-
Google sues to dismantle Chinese phishing platform behind US toll scams
Google has filed a lawsuit to dismantle the “Lighthouse” phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service and E-ZPass toll systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-sues-to-dismantle-chinese-phishing-platform-behind-us-toll-scams/
-
Öffentliche Verwaltung im Visier von Cyberspionen
Tags: access, alphv, bsi, cyberattack, cybercrime, encryption, germany, governance, government, infrastructure, lockbit, microsoft, open-source, phishing, qr, service, vulnerabilityLaut BSI haben es Cyberspione aktuell besonders auf die öffentliche Verwaltung abgesehen.Cyberspione haben es in Deutschland derzeit besonders auf die öffentliche Verwaltung abgesehen. Das geht aus dem aktuellen Lagebericht des Bundesamtes für Sicherheit in der Informationstechnik (BSI) hervor. Eine nennenswerte Anzahl von Geschädigten gab es demnach auch in den Sektoren Verteidigung, Rechtspflege, öffentliche Sicherheit und…
-
Attackers Use Quantum Route Redirect to Launch Instant Phishing on M365
KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with the emergence of Quantum Route Redirect. This powerful automation tool transforms complex phishing operations into simple, streamlined attacks accessible to even less-skilled threat actors. Discovered in early August, Quantum Route Redirect…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…
-
Attackers Use Quantum Route Redirect to Launch Instant Phishing on M365
KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with the emergence of Quantum Route Redirect. This powerful automation tool transforms complex phishing operations into simple, streamlined attacks accessible to even less-skilled threat actors. Discovered in early August, Quantum Route Redirect…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…
-
Danabot Malware Reemerges with Version 669 After Operation Endgame
The notorious Danabot banking malware has made a comeback with the release of version 669, marking a significant return after nearly six months of silence following the coordinated law enforcement takedown known as Operation Endgame in May 2025. The resurgence signals that cybercriminals behind the malware have successfully regrouped and reestablished their command-and-control (C2) infrastructure…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
âš¡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week”, and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear…