Tag: theft
-
Starkiller Phishing Kit Clones Real Login Pages to Evade MFA Protections
New phishing framework Starkiller is enabling more convincing, scalable credential theft by proxying real login pages and bypassing multi-factor authentication (MFA), significantly raising the bar for defenders. Traditional phishing kits typically serve static HTML clones of popular login portals, which quickly become outdated when brands update their interfaces, creating telltale visual discrepancies. Starkiller takes a…
-
DPRK-Linked Hackers Continue Aggressive Crypto Attacks One Year After Bybit Breach
DPRK-linked operators are maintaining a relentless focus on the crypto sector, with activity accelerating rather than slowing in the year since the record-breaking Bybit breach. On 21 February 2025, threat actors linked to North Korea stole around 1.46 billion dollars in cryptoassets from Dubai-based exchange Bybit, in what remains the largest confirmed crypto theft to date. By…
-
Ukrainian man jailed for identity theft that helped North Koreans get jobs at US companies
A Ukrainian man has been sentenced for helping North Koreans gain fraudulent employment at dozens of U.S. companies and funnel that money back to the regime to fund its nuclear weapons program. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/20/ukrainian-man-jailed-for-identity-theft-that-helped-north-koreans-get-jobs-at-us-companies/
-
Silicon Valley Engineers Indicted for Alleged Trade Secret Theft From Google and Tech Firms
Federal authorities arrested three Silicon Valley engineers on Thursday, charging them with conspiring to steal trade secrets from Google and other tech giants. The case highlights growing insider threats in the chip design sector, where foreign adversaries could exploit sensitive data on processor security and cryptography. Samaneh Ghandali, 41, her husband Mohammadjavad Khosravi (aka Mohammad…
-
CharlieKirk Grabber Malware Targets Windows Systems to Steal Login Credentials
CharlieKirk Grabber is a Python-based Windows infostealer that focuses on rapid “smash”‘and”‘grab” credential theft and data exfiltration rather than long-term system control or destructive behavior. It targets browser”‘stored passwords, Wi”‘Fi keys, Discord tokens, and gaming sessions, then exfiltrates the collected data via third”‘party file hosting and encrypted Discord or Telegram channels. File Name CharlieKirk.exe File…
-
Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case
A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea’s fraudulent information technology (IT) worker scheme.In November 2025, Oleksandr “Alexander” Didenko pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to IT…
-
Man gets five years for aiding North Korean IT employment scam
Ukrainian national Oleksandr Didenko, 29, was sentenced in U.S. District Court to 5 years in prison for an identity theft scheme that enabled North Korean workers to secure … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/20/ukrainian-national-sentenced-id-entity-theft-north-korea-it-workers-identity-theft/
-
Massiv Attack: Android Trojan Targets IPTV Users
New Trojan May Soon Be Offered for Sale to Criminal Underground. Security researchers warn of Massiv, an Android Trojan – disguised as an IPTV app – targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft – and may soon be marketed on criminal underground forums as malware as a…
-
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran’s ongoing protests to conduct information theft and long-term espionage.The Acronis Threat Research Unit (TRU) said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan (RAT)…
-
Norton Healthcare to Pay $11M to Settle BlackCat Lawsuit
Cybercrime Gang Allegedly Stole 4.7 Terabytes of Data, Affecting 2.5M. Norton Healthcare, which operates nine hospitals and other care facilities in Kentucky and Indiana, has agreed to pay $11 million to settle class action litigation stemming from a 2023 data theft attack by ransomware-as-a-service gang Alphv/BlackCat that affected nearly 2.5 million people. First seen on…
-
A Vast Trove of Exposed Social Security Numbers May Put Millions at Risk of Identity Theft
A database left accessible to anyone online contained billions of records, including sensitive personal data that criminals appear to have not yet exploited. First seen on wired.com Jump to article: www.wired.com/story/a-mega-trove-of-exposed-social-security-numbers-underscores-critical-identity-theft-risks/
-
OpenClaw AI Framework v2026.2.17 Adds Anthropic Model Support Amid Credential Theft Bug Concerns
OpenClaw, the open-source autonomous AI assistant that has gained widespread adoption in early 2026, released version v2026.2.17 on February 17, 2026, introducing support for Anthropic’s latest Claude Sonnet 4.6 model. The release comes amid growing security concerns after researchers documented the first in-the-wild credential theft targeting OpenClaw configuration files by infostealer malware. New Anthropic Model…
-
ClawHavoc Infects OpenClaw’s ClawHub with 1,184 Malicious Skills, Exposing Data Theft Risks
A large-scale supply chain poisoning campaign dubbed ClawHavoc has hit OpenClaw’s official skill marketplace, ClawHub, with at least 1,184 malicious “Skills” historically published on the platform. The incident highlights how fast-growing AI agent ecosystems can become high-value malware distribution channels when plugins are easy to publish and users routinely grant agents broad system access. OpenClaw (previously known…
-
ClickFix Exploits Homebrew Workflow to Deploy Cuckoo Stealer for macOS Credential Theft
ClickFix is being weaponized against macOS developers by turning a trusted Homebrew workflow into a stealthy delivery channel for a new infostealer dubbed Cuckoo Stealer. The campaign shows how attackers can skip exploit chains entirely and instead rely on users to run the payload for them.”‹ The attack starts with typosquatted domains that closely mimic…
-
Malware Campaign Targets Crypto Users with Fake MetaMask Wallet and Remote Access Backdoor
An aggressive malware campaign targeting IT professionals in cryptocurrency, Web3, and AI to steal sensitive data and live crypto funds from victim wallets. The attackers pose as recruiters and use trojanized coding tasks to deliver two core malware families, BeaverTail and InvisibleFerret, which have been steadily upgraded with new data theft and wallet-targeting features. The…
-
Kettering Health Notifying Patients of Interlock Breach
Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last June. Ohio-based Kettering Health is notifying current and former patients and affiliates that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock. First seen on govinfosecurity.com Jump…
-
Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft
A malicious Google Chrome extension, CL Suite by @CLMasters, which masquerades as a productivity tool for Meta Business Suite while silently stealing sensitive authentication data. Although the extension markets itself as a solution to >>remove verification popups<>generate 2FA codes,<< its actual function is to exfiltrate Two-Factor Authentication (2FA) seeds, one-time codes, and detailed business […] The…
-
Threat Actors Target OpenClaw Configurations to Steal Login Credentials
A new wave of infostealer activity targeting OpenClaw, an emerging AI assistant platform. The discovery marks a major turning point in the behavior of infostealer malware moving beyond browser and cryptocurrency theft to focus on AI configuration environments that hold deep digital identities and sensitive metadata. Hudson Rock detected a live infection where an infostealer successfully…
-
Fake Winter Olympics 2026 Stores Target Fans With Data-Theft Scams
Fake Winter Olympics 2026 stores are using lookalike domains and deep discounts to steal fans’ payment and personal data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fake-winter-olympics-2026-stores-target-fans-with-data-theft-scams/
-
Fake Winter Olympics 2026 Stores Target Fans With Data-Theft Scams
Fake Winter Olympics 2026 stores are using lookalike domains and deep discounts to steal fans’ payment and personal data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fake-winter-olympics-2026-stores-target-fans-with-data-theft-scams/
-
Fake Winter Olympics 2026 Stores Target Fans With Data-Theft Scams
Fake Winter Olympics 2026 stores are using lookalike domains and deep discounts to steal fans’ payment and personal data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fake-winter-olympics-2026-stores-target-fans-with-data-theft-scams/
-
Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/operation-doppelbrand-trusted/
-
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that’s being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices.”The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully…
-
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
Tags: access, ai, application-security, attack, automation, backdoor, banking, ceo, cisco, ciso, compliance, control, credentials, crypto, cyber, cybercrime, cybersecurity, data-breach, defense, detection, endpoint, exploit, finance, fintech, firewall, framework, infrastructure, intelligence, international, malware, monitoring, network, north-korea, oracle, password, risk, service, software, theft, threat, tool, vulnerabilitySecurity shortcomings: Adrian Cheek, senior cybercrime researcher at threat exposure management firm Flare, said the Bangladesh Bank heist was possible because of a number of security shortcomings, including a failure to air gap critical infrastructure.”The Bank of Bangladesh had four servers and the same number of desktops connected to SWIFT,” Cheek says. “This infrastructure, however,…
-
ZeroDayRAT Exploit Targets Android iOS, Enabling Real-Time Surveillance and Massive Data Theft
A newly surfaced mobile spyware platform called ZeroDayRAT is rapidly gaining traction across underground Telegram channels. ZeroDayRAT is designed to give attackers complete remote control over both Android and iOS devices, supporting versions from Android 5 through 16 and iOS up to version 26, including the latest iPhone 17 Pro. The panel interface allows the operator to manage multiple infected devices worldwide as…
-
Snail mail letters target Trezor and Ledger users in crypto-theft attacks
Threat actors are sending physical letters pretending to be from Trezor and Ledger, makers of cryptocurrency hardware wallets, to trick users into submitting recovery phrases in crypto theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/snail-mail-letters-target-trezor-and-ledger-users-in-crypto-theft-attacks/