Cyber Crime

Pierluigi Paganini March 17, 2020
Ursnif campaign targets Italy with a new infection Chain

Malware researchers from Cybaze-Yoroi ZLab have uncovered a new Ursnif campaign that is targeting Italy with a new infection chain. Introduction Ursnif is one of the most and widespread common threats today delivered through malspam campaigns. It appeared on the threat landscape about 13 years ago and gained its popularity since 2014 when its source […]

Pierluigi Paganini March 17, 2020
The parabola of a prolific cyber-criminal known as Dton

Check Point researchers detailed the activity of a prolific cyber-criminal known as ‘Dton’ that earned at least $100,000 US from his operations. Over the past few months, experts at Check Point have monitored the activity of a prolific cyber-criminal known as ‘Dton’. The man is active at least since 2013 and already earned at least […]

Pierluigi Paganini March 17, 2020
Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Coronavirus-themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. In this campaign, crooks are exploiting the interest […]

Pierluigi Paganini March 15, 2020
Coronavirus-themed attacks February 1 – March 15, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from February 1 to March 15, 2020. February 1, 2020 – Crooks start exploiting Coronavirus as bait to spread malware Security researchers warn of campaigns aimed at spreading malware that exploits media attention on the COVID-19 epidemic. February 25, 2020 – South Korea […]

Pierluigi Paganini March 15, 2020
Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks

A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks. While the Coronavirus is spreading worldwide cybercriminals and nation-state actors are launching COVID19-themed attacks on a global scale. Most of the attacks aimed at spreading malware to control victims’ computers and stealing sensitive data, but now a […]

Pierluigi Paganini March 15, 2020
BlackWater, a malware that uses Cloudflare Workers for C2 Communication

Crooks continue to abuse the interest in Coronavirus outbreak, now experts found a new backdoor called BlackWater that pretends to provide information about COVID-19. Experts found a new backdoor malware called BlackWater that pretends to provide information about the COVID-19 outbreak while abusing Cloudflare Workers as an interface to the C2 server. Cloudflare Workers provide a serverless execution […]

Pierluigi Paganini March 13, 2020
European police arrested tens of members of two SIM Hijacking Gangs

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. In SIM hijacking attacks (aka SIM swapping attacks) crooks are able to port the phone number of the victims to a new SIM card […]

Pierluigi Paganini March 12, 2020
Card data stole from the Volusion security breach surfaces on the dark web

Security experts have discovered that card data stolen last year from Volusion-hosted online stores is now available for sale on the dark web. Experts from the threat intel firm Gemini Advisory have discovered that card data stolen last year from Volusion-hosted online stores have surfaced on the dark web. Volusion is a privately-held technology company that […]

Pierluigi Paganini March 12, 2020
Crooks use weaponized coronavirus map to deliver malware

While WHO declares the coronavirus outbreak a pandemic, crooks are attempting to exploit the situation to monetize their efforts. Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus-themed attacks to deliver malware. Crooks are targeting […]

Pierluigi Paganini March 10, 2020
Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Microsoft announced that it took over the US-based infrastructure used by the infamous Necurs spam botnet that infected millions of computers. Microsoft announced to have taken over the US-based infrastructure used by the Necurs botnet. The IT giant explained that success is the result of a coordinated legal and technical joint effort to disrupt the Necurs […]