Tag: cybercrime
-
Police take down three cybercrime operations in latest round of ‘whackmole’
Authorities from nine countries took down three cybercrime operations, including the Rhadamantys infostealer, which allegedly had access to the crypto wallets of more than 100,000 victims. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/13/police-take-down-three-cybercrime-operations-in-latest-round-of-whack-a-mole/
-
A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet
Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame, carried out between November 10 and 13, 2025, dismantling major malware families including Rhadamanthys Stealer, Venom RAT, and the Elysium botnet as part of a global effort…
-
Phishing Emails Alert: How Spam Filters Can Steal Your Email Logins in an Instant
Cybercriminals have launched a sophisticated phishing campaign that exploits trust in internal security systems by spoofing email delivery notifications to appear as legitimate spam-filter alerts within organizations. These deceptive emails are designed to steal login credentials that could compromise email accounts, cloud storage, and other sensitive systems. “‹ The attack begins with an email claiming…
-
Operation Endgame schaltet Schadsoftware ab
Ermittler aus Deutschland sind gemeinsam mit internationalen Partnern erneut erfolgreich gegen Cyberkriminalität vorgegangen. BundeskriminalamtDank globaler Zusammenarbeit ist Ermittlern ein Schlag gegen die Verbreitung von Schadsoftware gelungen. Man habe “einen der gefährlichsten Stealer und einen der meistgenutzten Trojaner weltweit unschädlich gemacht”, teilten die Zentralstelle zur Bekämpfung der Internetkriminalität und das Bundeskriminalamt (BKA) mit. Solche Systeme nisten sich…
-
Operation Endgame: Police reveal takedowns of three key cybercrime tools
The Rhadamanthys infostealer, the VenomRAT remote access trojan and the Elysium botnet were targeted in the latest phase of the international police action known as Operation Endgame. First seen on therecord.media Jump to article: therecord.media/operation-endgame-cybercrime-takedowns-rhadamanthys-venomrat-elysium
-
Legitime Werbeplattformen als Einfallstore für Cyberangriffe
Check Point Software Technologies hat mithilfe seines External-Risk-Management-Teams ein weit verzweigtes Cybercrime-Netzwerk aufgedeckt. Dieses verwandelt legitime Werbeplattformen in Einfallstore für Cyber-Angriffe. Der unter dem Codenamen bekannte Zusammenschluss zielt seit Mitte 2023 auf Gehaltsabrechnungs- und Finanzsysteme ab, um Zugangsdaten zu stehlen und Gehaltszahlungen umzuleiten. Dabei ist dies nicht nur ein Zusammenschluss unabhängiger Täter, sondern […] First…
-
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully dismantled three major threats to global cybersecurity: the infamous Rhadamanthys infostealer, the VenomRAT remote access trojan, and the Elysium botnet. This remarkable international…
-
Operation Endgame: Authorities Takedown 1,025 Servers Linked to Rhadamanthys, VenomRAT, and Elysium
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully dismantled three major threats to global cybersecurity: the infamous Rhadamanthys infostealer, the VenomRAT remote access trojan, and the Elysium botnet. This remarkable international…
-
Beware of Fake Bitcoin Tools Concealing DarkComet RAT Malware
A newly discovered malware campaign is leveraging one of cybercriminals’ most effective lures cryptocurrency to distribute DarkComet RAT. This notorious remote access trojan continues to plague users despite being discontinued by its creator years ago. Security researchers have identified a suspicious executable masquerading as a Bitcoin wallet application, which, when executed, silently deploys the full…
-
Google asks US court to shut down Lighthouse phishing-as-a-service operation
Tags: control, crime, cyber, cybercrime, cybersecurity, email, google, government, incident response, law, malicious, network, phishing, risk, sans, scam, service, smishing, technology, threatWill have ‘minimal impact’: Ed Dubrovsky, chief operating officer of incident response firm Cypher, is skeptical of the effectiveness of court action. Phishing-as-a-service operations don’t have to be on American soil, he explained, so court orders and legislation will likely have minimal impact on smishing or phishing attacks.”However,” he added, “I can understand that even…
-
Google sues cybercriminal group Smishing Triad
Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely based in China that is behind a massive text message phishing operation, or “smishing.” The organization uses a phishing-as-a-service kit named “Lighthouse” to steal sensitive financial information by sending…
-
Google sues to dismantle Chinese phishing platform behind US toll scams
Google has filed a lawsuit to dismantle the “Lighthouse” phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service and E-ZPass toll systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-sues-to-dismantle-chinese-phishing-platform-behind-us-toll-scams/
-
Öffentliche Verwaltung im Visier von Cyberspionen
Tags: access, alphv, bsi, cyberattack, cybercrime, encryption, germany, governance, government, infrastructure, lockbit, microsoft, open-source, phishing, qr, service, vulnerabilityLaut BSI haben es Cyberspione aktuell besonders auf die öffentliche Verwaltung abgesehen.Cyberspione haben es in Deutschland derzeit besonders auf die öffentliche Verwaltung abgesehen. Das geht aus dem aktuellen Lagebericht des Bundesamtes für Sicherheit in der Informationstechnik (BSI) hervor. Eine nennenswerte Anzahl von Geschädigten gab es demnach auch in den Sektoren Verteidigung, Rechtspflege, öffentliche Sicherheit und…
-
Attackers Use Quantum Route Redirect to Launch Instant Phishing on M365
KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with the emergence of Quantum Route Redirect. This powerful automation tool transforms complex phishing operations into simple, streamlined attacks accessible to even less-skilled threat actors. Discovered in early August, Quantum Route Redirect…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…
-
Attackers Use Quantum Route Redirect to Launch Instant Phishing on M365
KnowBe4 Threat Labs has uncovered a sophisticated phishing campaign that marks a turning point in cybercriminal capabilities. The threat landscape is shifting dramatically with the emergence of Quantum Route Redirect. This powerful automation tool transforms complex phishing operations into simple, streamlined attacks accessible to even less-skilled threat actors. Discovered in early August, Quantum Route Redirect…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…
-
Danabot Malware Reemerges with Version 669 After Operation Endgame
The notorious Danabot banking malware has made a comeback with the release of version 669, marking a significant return after nearly six months of silence following the coordinated law enforcement takedown known as Operation Endgame in May 2025. The resurgence signals that cybercriminals behind the malware have successfully regrouped and reestablished their command-and-control (C2) infrastructure…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
Crypto-less Crypto Investment Scams: A California Case
Tags: access, apt, blockchain, breach, business, china, communications, control, crime, crypto, cybercrime, data, email, finance, group, intelligence, international, jobs, network, office, organized, scam, theft, tool, usaMy readers will know by now that I am addicted to PACER – the Public Access to Court Electronic Records. When I see headlines like this one, I am compelled to dive in and read every publicly released document related to the case. USAO Central California The headline last month was that Shengsheng He, a…
-
âš¡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week”, and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear…
-
âš¡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week”, and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear…
-
âš¡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn’t slow down last week”, and attackers are getting smarter. We’re seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android devices in the wild.But that’s just the surface. From sleeper logic bombs to a fresh alliance between major threat groups, this week’s roundup highlights a clear…
-
The Professionalised World of Cybercrime and the New Arms Race
Cybercrime is now a global, professionalised industry. Learn how AI, ransomware, and organised groups are reshaping cybersecurity and business defence. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-professionalised-world-of-cybercrime-and-the-new-arms-race/
-
The Professionalised World of Cybercrime and the New Arms Race
Cybercrime is now a global, professionalised industry. Learn how AI, ransomware, and organised groups are reshaping cybersecurity and business defence. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-professionalised-world-of-cybercrime-and-the-new-arms-race/
-
Hack halts Dutch broadcaster, forcing radio hosts back to LPs
A Dutch TV and radio broadcaster has found itself at the mercy of cybercriminals after suffering a cyber attack, and leaving it scrambling to find ways to play music to its listeners. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hack-halts-dutch-broadcaster-forcing-radio-hosts-back-to-lps
-
Allianz UK joins growing list of Clop’s Oracle E-Business Suite victims
Insurance giant’s UK arm says cybercriminals misattributed the real victim First seen on theregister.com Jump to article: www.theregister.com/2025/11/10/allianz_uk_joins_growing_list/
-
APT Groups Target Construction Firms to Steal RDP, SSH, and Citrix Credentials
Tags: apt, china, citrix, credentials, cyber, cybercrime, group, iran, korea, network, north-korea, organized, ransomware, russia, threatThe construction industry has emerged as a primary target for sophisticated cyber adversaries in 2025, with threat actors including state-sponsored APT groups, ransomware operators, and organized cybercriminal networks actively targeting organizations across the building and construction sector. Nation-state actors from China, Russia, Iran, and North Korea are leveraging the industry’s rapid digital transformation and security…