Over the last two weeks, we saw the Clipminer malware gang stole $1.7M by hijacking crypto payments. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware. In addition, get the latest insights into ransomware attacks, ransom payments, and the fast-changing cyber insurance healthcare market over the last year.
For more articles, check out our #onpatrol4malware blog.
WinDealer dealing on the side
Source: SecureList by Kaspersky
LuoYu is a lesser-known threat actor that has been active since 2008. It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Read more.
Evasive phishing mixes reverse tunnels and URL shortening services
Source: Bleeping Computer
Security researchers are seeing an uptick in the use of reverse tunnel services along with URL shorteners for large-scale phishing campaigns, making the malicious activity more difficult to stop. Read more.
Conti Targets Critical Firmware
Source: Eclypsium
In late February of this year, an unknown individual began leaking internal information and communications from the notorious Conti ransomware organization. Read more.
Clipminer malware gang stole $1.7M by hijacking crypto payments
Source: Bleeping Computer
Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. Read more.
Evil Corp affiliates are using off-the-shelf ransomware to evade sanctions
Source: CyberScoop
Hackers likely affiliated with the notorious Russian cybercrime group Evil Corp are using off-the-shelf ransomware to evade U.S. sanctions, researchers at security firm Mandiant have found. Read more.
The State of Ransomware in Healthcare 2022
Source: Sophos News
Get the latest insights into ransomware attacks, ransom payments, and the fast-changing cyber insurance healthcare market over the last year. Read more.
Hackers steal WhatsApp accounts using a call forwarding trick
Source: Bleeping Computer
There’s a trick that allows attackers to hijack a victim’s WhatsApp account and gain access to personal messages and contact lists. The method relies on the mobile carriers’ automated service to forwarding calls to a different phone number. WhatsApp’s option is to send a one-time password (OTP) verification code via voice call. Read more.