Tag: russia
-
Russian nationals charged with operating crypto mixers that masked cybercrime funds
The DOJ said the men behind Blender.io and Sinbad.io “made it easier for state-sponsored hacking groups” to profit off their crimes. First seen on cyberscoop.com Jump to article: cyberscoop.com/russians-crypto-mixers-doj-charges/
-
US government charges operators of crypto mixing service used by North Korea and ransomware gangs
Three Russian citizens were charged with money laundering for their role in operating Blender.io and Sinbad.io crypto mixing services. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/
-
Banshee macOS stealer supports new evasion mechanisms
Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masquerading as popular software. In August 2024, Russian crooks advertised a macOS malware called…
-
Russia Carves Out Commercial Surveillance Success Globally
Growing sales of the System for Operative Investigative Activities (SORM), a Russian wiretapping platform, in Central Asia and Latin America suggest increasing risks for Western businesses. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/russia-commercial-surveillance-success-globally
-
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau of First seen on thehackernews.com…
-
Bots identified pushing anti-NATO messages in Croatian presidential runoff
Researchers say pro-Russian, anti-EU and anti-NATO bot networks are trying to influence conversations on various social media platforms and news sites ahead of a runoff election in Croatia. First seen on therecord.media Jump to article: therecord.media/bots-pushing-anti-nato-messages-croatian-election
-
Banshee macOS Malware Expands Targeting
The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian language installed. The post Banshee macOS Malware Expands Targeting appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/banshee-macos-malware-expands-target-list/
-
Malware targets Mac users by using Apple’s security tool
A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm. A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram, and…
-
Breach Roundup: Finland Detains Tanker Tied to Cable Sabotage
Also, Alleged Gravy Analytics Breach Exposes Location Data. This week, a Russian tanker linked to cable sabotage detained in Finland, a claimed Gravy Analytics breach exposed location data, a Mirai-based botnet exploited zero-day flaws, Dell updated framework flaws and a court sentenced a Florida woman for laundering millions in romance scams. First seen on govinfosecurity.com…
-
Network-ruining cyberattack disclosed by Russian ISP after Ukrainian hacker claims
First seen on scworld.com Jump to article: www.scworld.com/brief/network-ruining-cyberattack-disclosed-by-russian-isp-after-ukrainian-hacker-claims
-
New Mirai botnet targets industrial routers
Tags: access, attack, botnet, cctv, china, credentials, cve, cybercrime, data, ddos, exploit, germany, network, password, remote-code-execution, router, russia, update, vulnerability, zero-day
According to security analysis, the Gayfemboy botnet, based on the notorious Mirai malware, is currently spreading around the world. Researchers from Chainxin X Lab found that cybercriminals have been using the botnet since November 2024 to attack previously unknown vulnerabilities. The botnet’s preferred targets include Four-Faith and Neterbit routers or smart home devices. Experts from VulnCheck reported at the end of…
-
Banshee Stealer variant targets Russian-speaking macOS users
The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/09/banshee-stealer-variant-targets-russian-speaking-macos-users/
-
Hackers claim to breach Russian state agency managing property, land records
A group of hackers with unknown ties has claimed responsibility for breaching a Russian government agency, Rosreestr, which is responsible for managing property and land records. First seen on therecord.media Jump to article: therecord.media/hackers-claim-to-breach-russian-state-agency-land-records
-
Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex
A group of hacktivists, known as the Ukrainian Cyber Alliance, breached Russian ISP Nodex, stole sensitive documents, and wiped systems. Ukrainian Cyber Alliance hacked Russian ISP Nodex, stole sensitive data, and wiped systems, highlighting their cyberattack capabilities. The Ukrainian Cyber Alliance has been active since 2016. The pro-Ukraine group has targeted Russian entities since the…
-
Major Russian Internet outage attributed to telecom network issues
First seen on scworld.com Jump to article: www.scworld.com/brief/major-russian-internet-outage-attributed-to-telecom-network-issues
-
PhishWP Impersonates Stripe, Spreads Across Russian Crime Forums
First seen on scworld.com Jump to article: www.scworld.com/brief/phishwp-wordpress-plugin-impersonating-stripe-spreads-across-russian-cybercrime-forums
-
Russian ISP confirms Ukrainian hackers “destroyed” its network
Russian internet service provider Nodex confirmed on Tuesday that its network was “destroyed” in a cyberattack claimed by Ukrainian hacktivists who are part of the Ukrainian Cyber Alliance. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-isp-confirms-ukrainian-hackers-destroyed-its-network/
-
Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages
The Russian ISP blamed the Ukrainian hackers for causing a “complete failure” across its internet infrastructure. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/08/ukrainian-hackers-take-credit-for-hacking-russian-isp-that-wiped-out-servers-and-caused-internet-outages/
-
Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers
In a statement on the Russian social media platform VKontakte, the St. Petersburg-based company said the “planned” attack “destroyed” its infrastructure overnight. Nodex added that it was working to restore systems from backups but could not provide a timeline for when operations would fully resume. First seen on therecord.media Jump to article: therecord.media/russian-internet-provider-says-network-destroyed-cyberattack
-
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States. First seen on…
-
Silent Spies: How Russian Surveillance Systems Are Tracking You Worldwide
In an age where digital footprints can be traced with just a few clicks, surveillance technology has become a double-edged sword. While it can enhance security and improve services, it also poses significant privacy concerns. One of the most formidable players in this realm is Russia, whose surveillance technologies are expanding their reach across borders,…
-
PhishWP Plug-in Hijacks WordPress E-Commerce Checkouts
The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/phishwp-plugin-hijacks-wordpress-e-commerce-checkouts
-
Finland finds Russian ‘spy’ ship anchor as subsea cable company demands ship’s seizure for compensation
Finnish authorities investigating a series of submarine cable breaks that took place on Christmas Day have located and retrieved an anchor suspected of being dragged along the Baltic Sea floor by the Eagle S, an alleged Russian spy ship. First seen on therecord.media Jump to article: therecord.media/finland-russia-spy-ship-anchor
-
Russian hackers turn trusted online stores into phishing pages
Tags: breach, credentials, credit-card, cybercrime, cybersecurity, data, email, finance, hacker, phishing, risk, russia, service, tactics, theft, threat, wordpress
In a smart campaign, Russian cybercriminals are turning trusted online stores into phishing pages that capture sensitive details through convincing payment interfaces. According to research by the cybersecurity firm SlashNext, the Russian miscreants have built a WordPress plugin, PhishWP, which creates fake payment pages that look like trusted services, such as Stripe. “WordPress is one of…
-
New PhishWP Plugin on Russian Forum Turns Sites into Phishing Pages
SlashNext has discovered a malicious WordPress plugin, PhishWP, which creates convincing fake payment pages to steal your credit card information, 3DS codes, and personal data. First seen on hackread.com Jump to article: hackread.com/phishwp-plugin-russian-hacker-forum-phishing-sites/
-
WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps
A WordPress plugin known as PhishWP has been discovered on Russian cybercrime forums and is being exploited by cybercriminals to steal sensitive data from unsuspecting users. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/wordpress-plugin-exploited-to-turn-legitimate-sites-into-phishing-traps/
-
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices
An Android information-stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. “Disguised as a fake ‘Telegram Premium’ app, it is distributed through a GitHub.io-hosted phishing site that impersonates RuStore, a popular app store in the Russian…
-
Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages
Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation’s Hardhat tool in order to steal sensitive data from developer systems. “By exploiting trust in open source plugins, attackers have infiltrated these platforms through malicious npm packages, exfiltrating critical data such as private keys, mnemonics, First seen…
-
Threat Intelligence Hot Shots Part 3: Episodes 4-13 (Compilation)
This is Episode 4 of Threat Intelligence Hot Shots. Sr. Threat Intelligence Analyst, Alex Ryan, and Peter discuss the recent shutdown of breach forums by the FDI, the increasing pace of advanced techniques and target scope of Russian state-sponsored threat actors, and two new vulnerabilities for Dealing routers. They advise limiting access to these devices…

