Cybercrime

Pierluigi Paganini April 19, 2020
Coronavirus-themed attacks April 12 – April 18, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. April 14 – Crooks target Healthcare facilities involved […]

Pierluigi Paganini April 15, 2020
Coronavirus-themed attack: Experts uncovered flight refund scam

Experts at email security firm Mimecast has uncovered a flight refund scam that attempts to exploit the ongoing coronavirus outbreak. Researchers at email security firm Mimecast have uncovered a new flight refund scam that attempts to exploit the ongoing Coronavirus outbreak. The campaign is simple as effective, scammers attempt to target individuals that are waiting […]

Pierluigi Paganini April 15, 2020
How much is the phish? Underground market of phishing kits is booming – Group-IB

The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. Group-IB, a Singapore-based cybersecurity company, has found out that phishing kits are the new bestsellers of the underground market, with the number of phishing kit ads on underground forums and their […]

Pierluigi Paganini April 13, 2020
The Dutch police took down 15 DDoS-for-hire services in a week

Dutch authorities have taken down 15 DDoS-for-hire services in a week, this is another success of law enforcement in the fight against cybercrime. An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police. The operation was conducted […]

Pierluigi Paganini April 13, 2020
Sodinokibi Ransomware crew chooses Monero for ransom payments

The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched on Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies. The crew is planning to doesn’t allow bitcoin payments in […]

Pierluigi Paganini April 11, 2020
Hackers accessed staff mailboxes at Italian bank Monte dei Paschi

Monte dei Paschi, one of the biggest Italian banks, suffered a cyber attack, hackers accessed the mailboxes of some employees and sent emails to clients. Italian state-owned bank Monte dei Paschi discloses a security breach, hackers have accessed the mailboxes of some employees and sent emails to clients. The news was reported by the Reuters […]

Pierluigi Paganini April 10, 2020
DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

DoppelPaymer hackers leaked online internal confidential documents belonging to some of the largest aerospace companies in the world. The gang behind the DoppelPaymer ransomware has stolen internal confidential documents belonging to some of the largest aerospace companies in the world from the industrial contractor Visser Precision. Visser Precision is a parts maker for many companies […]

Pierluigi Paganini April 09, 2020
Travelex paid $2.3 Million ransom to restore after a ransomware attack

Travelex reportedly paid a $2.3 million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. The UK-based currency exchange Travelex currency exchange has been forced offline following a malware attack launched on New Year’s Eve.  The London-based company, which operates more than 1,500 stores globally, suffered the attack on December 31, 2019, […]

Pierluigi Paganini April 09, 2020
Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Group-IB’s CERT-GIB analyzed hundreds of coronavirus-related phishing emails and discovered top malware strains in COVID-19 campaigns Group-IB’s Computer Emergency Response Team (CERT-GIB) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Group-IB researchers also discovered that coronavirus […]

Pierluigi Paganini April 03, 2020
Magecart group 7 use new e-skimmer to steal payment data

RiskIQ researchers spotted a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites. Researchers from security firm RiskIQ have uncovered a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites to steal customers’ payment card data. The experts discovered a new software skimmer, dubbed “MakeFrame,” that injects […]