Cybercrime

Pierluigi Paganini March 01, 2018
Victims of the GandCrab ransomware can decrypt their files for free using the decryptor

The GandCrab ransomware decryptor has been released by the Romanian Police (IGPR) under the supervision of the General Prosecutor’s Office (DIICOT) and in collaboration with the internet security company Bitdefender and Europol. Bitdefender has teamed up with Europol, the Romanian Police, and the Directorate for Investigating Organized Crime and Terrorism (DIICOT) to release a free […]

Pierluigi Paganini February 28, 2018
Experts warn Memcached DDoS attacks could be soon a dangerous threat

Security experts have started observing a dangerous trend in DDoS amplification techniques: memcached DDoS attacks. Security experts from some security firms have reported that threat actors have started abusing the memcached protocol to power distributed denial-of-service (DDoS) attacks, so-called memcached DDoS attacks. Memcached is a free and open source, high-performance, distributed memory caching system designed to speed […]

Pierluigi Paganini February 28, 2018
CSE Malware ZLab – Malware Analysis Report: A new variant of Mobef Ransomware

Malware researchers at CSE Cybsec – ZLab have analyzed a new variant of Mobef ransomware, a malware that in the past mainly targeted Italian users. Malware researchers at CSE Cybsec – ZLab have analyzed a new variant of Mobef ransomware, that was involved in past attacks against Italian users. I personally obtained the sample by […]

Pierluigi Paganini February 27, 2018
Recently patched CVE-2018-4878 Adobe Flash Player flaw now exploited by cybercriminals

Security researchers at Morphisec have uncovered a massive hacking campaign that is exploiting the recently patched CVE-2018-4878 Adobe Flash Player vulnerability. Threat actors are exploiting the use-after-free flaw to deliver malware. The CVE-2018-4878 vulnerability was fixed by Adobe on February 6, after security experts discovered it was used by the North Korea-linked APT37 group in targeted […]

Pierluigi Paganini February 26, 2018
Data Keeper Ransomware – An unusual and complex Ransom-as-a-Service platform

The Data Keeper Ransomware that infected systems in the wild was generated by a new Ransomware-as-a-Service (RaaS) service that appeared in the underground recently. A few days ago a new Ransomware-as-a-Service (RaaS) service appeared in the underground; now samples of the malware, dubbed Data Keeper Ransomware, generated with the platform have already been spotted in […]

Pierluigi Paganini February 25, 2018
Counterfeit Code-Signing certificates even more popular, but still too expensive

Code-signing certificates are precious commodities in the criminal underground; they are used by vxers to sign malware code to evade detection. Other precious commodities in the criminal underground are code-signing certificates; they allow vxers to sign the code for malware to evade detection. Operators of the major black markets in the darknets buy and sell code-signing certificates, but according to […]

Pierluigi Paganini February 25, 2018
Czech President wants Russian hacker Yevgeni Nikulin extradited to Russia instead of US

Czech President Milos Zeman wants the Russian hacker Yevgeni Nikulin to be extradited to Russia instead of the US; he is charged with hacking against social networks and fraud. Yevgeni Nikulin (29) was requested by the US for alleged cyber attacks on social networks and by the Russian authorities, who charged him with fraud. According […]

Pierluigi Paganini February 25, 2018
Security Affairs newsletter Round 151 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you!
· COINHOARDER criminal gang made an estimated $50 million with a Bitcoin phishing campaign
· Germany's defense minister: Cyber security is going to be the main focus of this decade.
· JenkinsMiner made […]

Pierluigi Paganini February 24, 2018
2,000 Computers at Colorado DOT were infected with the SamSam Ransomware

SamSam ransomware hit the Colorado DOT; the Department of Transportation shut down 2,000 computers after the infection. SamSam ransomware made the headlines again; this time it infected over 2,000 computers at the Colorado Department of Transportation (DOT). The DOT has shut down the infected workstations and is currently working with security firm McAfee to restore the ordinary […]

Pierluigi Paganini February 24, 2018
FBI warns of spike in phishing campaigns to gather W-2 information

The FBI is warning of a spike in phishing campaigns aimed at stealing W-2 information from payroll personnel during the IRS’s tax filing season. The FBI has observed a significant increase since January in complaints of compromised or spoofed emails involving W-2 information. “Beginning in January 2017, IRS’s Online Fraud Detection & Prevention (OFDP), which monitors for […]