Cyber Crime

Pierluigi Paganini June 19, 2017
Pinkslipbot banking Trojan exploiting infected machines as control servers

Pinkslipbot banking Trojan is a banking Trojan that uses a complicated multistage proxy for HTTPS-based control server communication. Security researchers at McAfee Labs have spotted a new strain of the Pinkslipbot banking malware (also known as QakBot/QBot) that leverages UPnP to open ports, allowing incoming connections from anyone on the Internet to communicate with the infected […]

Pierluigi Paganini June 19, 2017
Rufus malware used to empty ATMs running outdated OS in India

Indian authorities are facing with the Rufus malware, a malicious code used to clean out ATMs running outdated Windows XP software across states. Many security firms and law enforcement agencies are warning of malware-based attacks against ATM. Recently 27 people have been arrested by the Europol for jackpotting attacks on ATM across many countries in Europe. […]

Pierluigi Paganini June 17, 2017
Buckle Inc. confirmed credit card breach at its stores

An official statement issued by the Buckle Inc. retail confirmed that a point-of-sale malware was discovered on cash registers at its stores. A few hours ago, the popular investigator and cyber security expert Brian Krebs contacted the Buckle Inc. company after sources in the financial sector reported him about a possible card breach at the retailer. […]

Pierluigi Paganini June 16, 2017
New Code-injecting SOREBRECT Fileless Ransomware detected in the wild

The number of fileless malware continues to increase, recently security researchers spotted a new Fileless Ransomware dubbed Sorebrect. Sorebrect is able to inject malicious code into a legitimate system process (svchost.exe) on a targeted system and it terminates its binary to evade detection. It also make hard forensics analysis by deleting the affected system’s event logs using […]

Pierluigi Paganini June 16, 2017
False Flag Attack on Multi Stage Delivery of Malware to Italian Organisations

Researchers at the security firm Yoroi have discovered a False Flag Attack on Multi-Stage Delivery of Malware to Italian Organisations. Everything started from a well edited Italian language email (given to me from a colleague of mine, thank you Luca!) reaching out many Italian companies. The Italian language email had a weird attachment: ordine_065.js (it […]

Pierluigi Paganini June 15, 2017
Thailand: police raided massive click farms with more 500k SIM cards

Thailand: Police raided massive click farms, the agents have seized nearly half a million SIM cards and hundreds of iPhones used to promote products online. Police and army troops in Thailand has raided a massive click-fraud farm, the agents have seized nearly half a million SIM cards and hundreds of iPhones used to promote products online. The authorities have raided to rented houses […]

Pierluigi Paganini June 15, 2017
CashCrate Cash-for-Surveys Site breached, 6 Million accounts stolen

According to the data breach notification site LeakBase hackers have stolen 6 million accounts for the CashCrate Cash-for-Surveys Site. Another day another data breach, this time hackers have stolen 6 million accounts for CashCrate, a site where users can be paid to complete online surveys. The news was reported by Motherboard who obtained the database and confirmed that records […]

Pierluigi Paganini June 15, 2017
Victims of Jaff Ransomware now can decrypt their locked files for free thanks to Kaspersky

Victims of the Jaff ransomware can use an updated version of the Kaspersky Labs’s RakhniDecryptor tool to decrypt their encrypted files. Security researchers at Kaspersky Lab have discovered a weakness in the Jaff ransomware that allowed the researchers creating of decryption keys to unlock files encrypted by the malware. Once the victims were infected by the Jaff […]

Pierluigi Paganini June 15, 2017
European police target anti-malware detection services and their customers

An international operation conducted by the European police targeted customers of counter antivirus and crypter services: 6 arrested and tens of interviewed The Germany’s Kriminalinspektion Mayen along with the Europol’s European Cybercrime Centre (EC3) have arrested six individuals and interviewed dozens of suspects as part of an international law enforcement operation targeting the users of two […]

Pierluigi Paganini June 14, 2017
MACSPY – Remote Access Trojan as a service on Dark web

Reporters for the online service “Bleeping Computer” have uncovered a new threat to Apple being offered on the dark web, it is the MACSPY RAT. Reporters for the online service “Bleeping Computer” have uncovered a new threat to Apple being offered on the dark web. Thru their efforts the researchers for AlienVault were able to […]