New Banking Trojan Targeting 100M Pix Payment Platform Accounts
A new Android banking Trojan called PixPirate is targeting more than 100 million Brazilian Pix instant payment accounts. The Pix payment platform was created and is operated by the Brazil Central Bank, and it’s used to make instant mobile payments across Latin America using a variety of banks. Researchers with the Cleafy TIR Team —…
Notorious Finnish Hacker ‘Zeekill’ Busted by French Police
French police arrested a notorious hacker who’s suspected of forming part of an extortion scheme that targeted a Finnish psychotherapy practice and its patients. Aleksanteri Tomminpoika Kivimäki, 25, is the focus of a European arrest warrant issued last October in Finland. He’s been charged with participating in the hack of Vastaamo Psychotherapy Center. The now-defunct…
Scores of Redis Servers Infested by Sophisticated Custom-Built Malware
An unknown threat actor has been quietly mining Monero cryptocurrency on open source Redis servers around the world for years, using a custom-made malware variant that is virtually undetectable by agentless and conventional antivirus tools. Since September 2021, the threat actor has compromised at least 1,200 Redis servers — that thousands of mostly smaller organizations…
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise. Some of the notable malware families that are being distributed using this method include AsyncRAT, RedLine Stealer, Agent Tesla, DOUBLEBACK, Quasar…
6 Examples of the Evolution of a Scam Site
Fraudsters are getting more sophisticated about how they set up and make adjustments to brand impersonation scam sites — not just for phishing, but for all kinds of consumer fraud. A recent analysis by security researchers at Allure Security illustrates how brand impersonation sites are born, how they progress, and the evolutionary steps that fraudsters…
Rising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale Cyberattacks
Business email compromise (BEC) has become one of the most popular methods of financially motivated hacking. And over the past year, one group in particular has demonstrated just how quick, easy, and lucrative it really is. In a Feb. 1 blog post, Crane Hassold, director of threat intelligence at Abnormal Security, profiled “Firebrick Ostrich” a…
Pro-Russia Killnet group hit Dutch and European hospitals
The Dutch National Cyber Security Centre (NCSC) reported that the websites of several hospital in the Netherlands and Europe were hit by DDoS attacks carried out by pro-Russia hacking group Killnet. The group of hackers launched the offensive against the hospitals in the European countries due to their support for Ukraine. “Hospitals in Europe, including…
Ransomware Hit on ION Group Delays EU Derivatives Trades
Attackers this week locked up the business of London-based ION Cleared Derivatives, a software firm that supports derivatives trading, forcing major European banks to process trades manually and prompting a major futures exchange to delay the settlement of trades for two hours. ION Cleared Derivatives, part of ION Group which offers software designed to automate…
Will Hive Stay Kaput After FBI Busts Infrastructure?
What’s not to love about an international law enforcement operation wreaking disruption on Hive, the ransomware-wielding crime syndicate? But with no suspects in jail, it’s unclear how long this takedown will stick before the bad guys get back their sting. There’s still plenty to celebrate since Hive, one of the world’s most active ransomware groups,…
HHS, AHA Warn of Surge in Russian DDoS Attacks on Hospitals
U.S. government and industry authorities are warning the healthcare sector of a surge in distributed-denial-of-service attacks in recent days against hospitals and other medical entities instigated by Russian nuisance hacking group KillNet. The American Hospital Association on Monday issued an alert for its members based on a warning also issued Monday by the Department of…
