Cybercrime

Pierluigi Paganini September 22, 2018
Ngrok Mining Botnet

The Ngrok campaign is unique in terms of its overall sophistication for a Docker-based attack vector. Specifically, it demonstrates a novel, dynamic and robust operational security model and the ability to detect and attack newly deployed and misconfigured infrastructure. Additionally, the campaign is sophisticated in seeking to detect, analyse and neutralise other competing crypto-mining malware. […]

Pierluigi Paganini September 21, 2018
Hackers stole $60 Million worth of cryptocurrencies from Japanese Zaif exchange

Cybercriminals have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies from the Japanese digital currency exchange Zaif exchange. According to the Tech Bureau Corp., a Japanese cryptocurrency firm, hackers have compromised its Zaif exchange and have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies, including Bitcoin, Monacoin, and Bitcoin Cash. The stole digital currencies […]

Pierluigi Paganini September 20, 2018
Sustes Malware: CPU for Monero

Sustes Malware doesn’t infect victims by itself, but it is spread via brute-force activities with special focus on IoT and Linux servers. Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see name genesis in a bit). Everybody knows Monero cryptocurrency and probably everybody knows […]

Pierluigi Paganini September 19, 2018
Access to over 3,000 compromised sites sold on Russian black marketplace MagBo

Security experts at Flashpoint discovered the availability of the access to over 3,000 compromised sites sold on Russian black marketplace MagBo A new report published by researchers at Flashpoint revealed the availability on an underground hacking forum for Russian-speaking users of access to over 3,000 breached websites. “Access to approximately 3,000 breached websites has been discovered for […]

Pierluigi Paganini September 19, 2018
Mirai authors avoid the jail by helping US authorities in other investigations

Three men who admitted to being the authors of the Mirai botnet avoided the jail after helping the FBI in other cybercrime investigations. I’m following the evolution of Mirai botnet since MalwareMustDie shared with me the findings of its investigation in August 2016. Now three individuals who admitted to being the authors of the infamous botnet avoided the […]

Pierluigi Paganini September 18, 2018
New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers. Xbash was developed using Python, then the authors converted into […]

Pierluigi Paganini September 17, 2018
Greek authorities approved extradition of Russian hacker Alexander Vinnik to Russia

Greek authorities have approved the extradition of Russian Alexander Vinnik to Russia, Supreme Civil and Criminal Court of Greece overruled previous ones. The Greek authorities have approved the extradition of Russian Alexander Vinnik to Russia, the decision has surprised the media because the man was expected to be extradited in the US or France as previously announces. The decision […]

Pierluigi Paganini September 17, 2018
EOSBet Gambling application hacked, crooks stole $200,000 worth of EOS

The gambling application EOSBet was affected by a vulnerability in its smart contract system that has been exploited by attackers to steal $200,000 worth of EOS. The security breach was first reported by the member “thbourlove” of the EOSBet Reddit community that shared the code used to exploit the flaw. After seeing the exploit code, the EOSBet’s official Reddit account […]

Pierluigi Paganini September 16, 2018
Feedify cloud service architecture compromised by MageCart crime gang

MageCart cyber gang compromised the cloud service firm Feedify and stole payment card data from customers of hundreds of e-commerce sites. MageCart crime gang appears very active in this period, payment card data from customers of hundreds of e-commerce websites may have been stolen due to the compromise of the cloud service firm Feedify. Cloud service firm Feedify has […]

Pierluigi Paganini September 10, 2018
Fallout exploit kit appeared in the threat landscape in malvertising campaigns

At the end of August, security experts discovered a new exploit kit called Fallout that is being used to distribute the GandCrab ransomware. At the end of August, the threat analyst nao_sec discovered a new exploit kit called Fallout that is being used to distribute the GandCrab ransomware and other malicious codes, including droppers and potentially unwanted […]