May 13, 2023Ravie Lakshmanan A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. "Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates … [Read more...] about New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages
cybercriminals
Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool
Apr 07, 2023Ravie Lakshmanan Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center (Health-ISAC) to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware. To that end, the tech giant's Digital Crimes Unit (DCU) revealed that it secured a court order in the U.S. to "remove illegal, legacy copies of … [Read more...] about Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool
U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
Mar 25, 2023Ravie LakshmananCyber Crime / DDoS Attack In what's a case of setting a thief to catch a thief, the U.K. National Crime Agency (NCA) revealed that it has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. "All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to … [Read more...] about U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
How cybercriminals tailor attacks for different age groups of gamers
These days, a 12 or 13-year-old kid can become a professional eSports player, while the youngest of them began his career at the ripe old age of… four! The gaming world has become much younger, but all gamers — both children and adults — face multiple cyberthreats. And scammers tailor each of their schemes with a particular age audience in mind. Although children spend less … [Read more...] about How cybercriminals tailor attacks for different age groups of gamers
How cybercriminals hijack Telegram accounts
Telegram users have recently begun encountering various Telegram messenger hijacking schemes. Things usually start off with a message from one of their contacts containing a link to some site. The bait can be an invitation to take part in an online vote or contest, a Telegram Premium gift or trial version, a request to sign a collective petition, or something else. What all … [Read more...] about How cybercriminals hijack Telegram accounts
Eternity Group Hackers Offering New LilithBot Malware as a Service to Cybercriminals
The threat actor behind the malware-as-a-service (MaaS) called Eternity has been linked to new piece of malware called LilithBot. "It has advanced capabilities to be used as a miner, stealer, and a clipper along with its persistence mechanisms," Zscaler ThreatLabz researchers Shatak Jain and Aditya Sharma said in a Wednesday report. "The group has been continuously enhancing … [Read more...] about Eternity Group Hackers Offering New LilithBot Malware as a Service to Cybercriminals
Prynt Stealer Contains a Backdoor to Steal Victims’ Data Stolen by Other Cybercriminals
Researchers discovered a private Telegram channel-based backdoor in the information stealing malware, dubbed Prynt Stealer, which its developer added with the intention of secretly stealing a copy of victims' exfiltrated data when used by other cybercriminals. "While this untrustworthy behavior is nothing new in the world of cybercrime, the victims' data end up in the hands of … [Read more...] about Prynt Stealer Contains a Backdoor to Steal Victims’ Data Stolen by Other Cybercriminals
Cybercriminals Developing BugDrop Malware to Bypass Android Security Features
In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development. "This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking trojan, … [Read more...] about Cybercriminals Developing BugDrop Malware to Bypass Android Security Features
Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns
Threat actors are capitalizing on the growing popularity of proxyware platforms like Honeygain and Nanowire to monetize their own malware campaigns, once again illustrating how attackers are quick to repurpose and weaponize legitimate platforms to their advantage. "Malware is currently leveraging these platforms to monetize the internet bandwidth of victims, similar to how … [Read more...] about Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns
16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain
Spanish law enforcement agencies on Wednesday arrested 16 individuals belonging to a criminal network in connection with operating two banking trojans as part of a social engineering campaign targeting financial institutions in Europe. The arrests were made in Ribeira (A Coruña), Madrid, Parla and Móstoles (Madrid), Seseña (Toledo), Villafranca de los barros (Badajoz), and … [Read more...] about 16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain