FreshRSS

๐Ÿ”’
โ˜ โ˜† โœ‡ The Hacker News

LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid

By Newsroom โ€” February 20th 2024 at 05:25
Update: The U.K. National Crime Agency (NCA) has confirmed the takedown of LockBit infrastructure. Read here for more details.An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns. While the full extent of the effort, codenamed 
โ˜ โ˜† โœ‡ The Hacker News

Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries

By Newsroom โ€” February 19th 2024 at 10:29
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.
โ˜ โ˜† โœ‡ The Hacker News

FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

By Newsroom โ€” February 18th 2024 at 07:12
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the FBI's most-wanted list in 2012. The U.S.
โ˜ โ˜† โœ‡ The Hacker News

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

By Newsroom โ€” February 16th 2024 at 13:27
Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It's
โ˜ โ˜† โœ‡ The Hacker News

Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks

By Newsroom โ€” February 15th 2024 at 09:31
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS. "The GoldPickaxe family is available for both iOS and Android platforms,"
โ˜ โ˜† โœ‡ The Hacker News

Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses

By Newsroom โ€” February 14th 2024 at 11:18
The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. Enterprise security firm Proofpoint said the activity targets organizations in the U.S. with voicemail-themed lures containing links to OneDrive URLs. "The URLs led to a Word file with names such as "
โ˜ โ˜† โœ‡ The Hacker News

U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders

By Newsroom โ€” February 12th 2024 at 04:31
The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation. It is also giving away an additional $5 million for specifics that could lead to the arrest and/or conviction of any person "conspiring to participate in or attempting to participate in Hive ransomware activity."
โ˜ โ˜† โœ‡ The Hacker News

U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators

By Newsroom โ€” February 11th 2024 at 10:54
The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains โ€“ www.warzone[.]ws and three others โ€“ were "used to sell computer malware used by cybercriminals to secretly access and steal data from victims' computers," the DoJ said. Alongside the takedown, the
โ˜ โ˜† โœ‡ The Hacker News

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

By Newsroom โ€” February 9th 2024 at 16:32
The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period of time," Check Point said in a report this
โ˜ โ˜† โœ‡ The Hacker News

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

By Newsroom โ€” February 8th 2024 at 10:28
The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. "The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,"
โ˜ โ˜† โœ‡ The Hacker News

Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data

By Newsroom โ€” February 6th 2024 at 10:14
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data. Singapore-headquartered Group-IB said the hacking crew's activities are geared towards job search platforms and the theft of resumes, with as many as 65
โ˜ โ˜† โœ‡ The Hacker News

Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering

By Newsroom โ€” February 5th 2024 at 16:36
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business. Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. and is currently being held in custody. If convicted, he faces a maximum penalty
โ˜ โ˜† โœ‡ The Hacker News

AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks

By Newsroom โ€” January 27th 2024 at 06:55
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin America-based financially motivated threat actor. The campaign has been active since at least 2021. "Lures use Mexican Social
โ˜ โ˜† โœ‡ The Hacker News

Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree

By Newsroom โ€” January 26th 2024 at 05:33
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said. The development comes nearly two months after Dunaev pleaded guilty to committing computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud. "
โŒ