Cybercrime & Digital Threats

We found a malicious app posing as Adobe Zii (a tool used to crack Adobe products) targeting macOS systems to mine cryptocurrency and steal credit card information.

In light of the massive data dump called Collection #1 and with more available for download and exchange in the underground, here are a few reminders for users and enterprises on how to mitigate threats on their personal information and enterprise assets.

We detail how a trojan spyware gathers and steals data disguised as TeamViewer, the popular file-sharing and communication program that also lets IT teams remotely access device of enterprise employees.

A new variant of the ransomware JobCrypter was observed in the wild, sending desktop screenshots of the infected machine to an email address and encrypting files twice.

While underground forums have long been the purview of digital or internet-enabled crimes, recent developments have shown signs of increasing synergy and interaction between traditional criminals and cybercrime actors.

We observed a sudden spike in JavaScript malware in more than 72,000 email samples that sourced and spread at least eight other kinds of malware – such as GandCrab ransomware and coinminers.

We found a wave of MongoLock ransomware attacks that immediately deletes important files upon infection and scans the backup drives for data deletion.

Although the general public thinks of underground forums as a place where scams and suspicious dealings are rampant, the opposite is usually true: the threat actors who inhabit these sites often consider their reputation a major asset.

The modern cybercrime landscape has changed much from around a decade ago, when most criminals either built their own toolsets or hired other developers to create them.